Vulnerabilities > CVE-2018-14593

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
otrs
debian
nessus

Summary

An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.

Vulnerable Configurations

Part Description Count
Application
Otrs
1
OS
Debian
2

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4317.NASL
    descriptionThree vulnerabilities were discovered in the Open Ticket Request System which could result in privilege escalation or denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id118099
    published2018-10-15
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118099
    titleDebian DSA-4317-1 : otrs2 - security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-1106.NASL
    descriptionThis update for otrs to version 4.0.32 fixes the following issues : These security issues were fixed : - CVE-2018-16586: An attacker could have sent a malicious email to an OTRS system. If a logged in user opens it, the email could have caused the browser to load external image or CSS resources (bsc#1109822). - CVE-2018-16587: An attacker could have sent a malicious email to an OTRS system. If a user with admin permissions opens it, it caused deletions of arbitrary files that the OTRS web server user has write access to (bsc#1109823). - CVE-2018-14593: An attacker who is logged into OTRS as an agent may have escalated their privileges by accessing a specially crafted URL (bsc#1103800). These non-security issues were fixed : - fixed permissions file @OTRS_ROOT@/var/tmp -> @OTRS_ROOT@/var/tmp/ - ACL for Action AgentTicketBulk were inconsistent.
    last seen2020-06-05
    modified2018-10-05
    plugin id117931
    published2018-10-05
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117931
    titleopenSUSE Security Update : otrs (openSUSE-2018-1106)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1473.NASL
    descriptionFrancesco Sirocco discovered a privilege escalation flaw in otrs2, the Open Ticket Request System. An attacker who is logged into OTRS as a user may escalate their privileges by accessing a specially crafted URL. For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id112049
    published2018-08-22
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/112049
    titleDebian DLA-1473-1 : otrs2 security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-748.NASL
    descriptionThis update for otrs to version 4.0.32 fixes the following issues : These security issues were fixed : - CVE-2018-16586: An attacker could have sent a malicious email to an OTRS system. If a logged in user opens it, the email could have caused the browser to load external image or CSS resources (bsc#1109822). - CVE-2018-16587: An attacker could have sent a malicious email to an OTRS system. If a user with admin permissions opens it, it caused deletions of arbitrary files that the OTRS web server user has write access to (bsc#1109823). - CVE-2018-14593: An attacker who is logged into OTRS as an agent may have escalated their privileges by accessing a specially crafted URL (bsc#1103800). These non-security issues were fixed : - fixed permissions file @OTRS_ROOT@/var/tmp -> @OTRS_ROOT@/var/tmp/ - ACL for Action AgentTicketBulk were inconsistent.
    last seen2020-06-01
    modified2020-06-02
    plugin id123320
    published2019-03-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123320
    titleopenSUSE Security Update : otrs (openSUSE-2019-748)