Debian Otrs2 vulnerabilities
102 known vulnerabilities affecting debian/otrs2.
Total CVEs
102
CISA KEV
1
actively exploited
Public exploits
9
Exploited in wild
3
Severity breakdown
HIGH11MEDIUM55LOW36
Vulnerabilities
Page 6 of 6
CVE-2009-5056P4LOWCVSS 2.1fixed in otrs2 2.4.5-1 (bullseye)2009
CVE-2009-5056 [LOW] CVE-2009-5056: otrs2 - Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly enforce t...
Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly enforce the move_into permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-tickets list.
Scope: local
bullseye: resolved (fixed in 2.4.5-1)
debian
CVE-2010-4758P4LOWCVSS 1.9fixed in otrs2 3.0.8+dfsg1-1 (bullseye)2010
CVE-2010-4758 [LOW] CVE-2010-4758: otrs2 - installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an Inbound Ma...
installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an Inbound Mail Password field that uses the text type, instead of the password type, for its INPUT element, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.
Scope: local
bullseye: resolved (fixed in 3.0.8+dfsg1-1)
debian
← Previous6 / 6