Vulnerabilities > CVE-2018-14593
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 2 |
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4317.NASL description Three vulnerabilities were discovered in the Open Ticket Request System which could result in privilege escalation or denial of service. last seen 2020-06-01 modified 2020-06-02 plugin id 118099 published 2018-10-15 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118099 title Debian DSA-4317-1 : otrs2 - security update NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-1106.NASL description This update for otrs to version 4.0.32 fixes the following issues : These security issues were fixed : - CVE-2018-16586: An attacker could have sent a malicious email to an OTRS system. If a logged in user opens it, the email could have caused the browser to load external image or CSS resources (bsc#1109822). - CVE-2018-16587: An attacker could have sent a malicious email to an OTRS system. If a user with admin permissions opens it, it caused deletions of arbitrary files that the OTRS web server user has write access to (bsc#1109823). - CVE-2018-14593: An attacker who is logged into OTRS as an agent may have escalated their privileges by accessing a specially crafted URL (bsc#1103800). These non-security issues were fixed : - fixed permissions file @OTRS_ROOT@/var/tmp -> @OTRS_ROOT@/var/tmp/ - ACL for Action AgentTicketBulk were inconsistent. last seen 2020-06-05 modified 2018-10-05 plugin id 117931 published 2018-10-05 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117931 title openSUSE Security Update : otrs (openSUSE-2018-1106) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1473.NASL description Francesco Sirocco discovered a privilege escalation flaw in otrs2, the Open Ticket Request System. An attacker who is logged into OTRS as a user may escalate their privileges by accessing a specially crafted URL. For Debian 8 last seen 2020-06-01 modified 2020-06-02 plugin id 112049 published 2018-08-22 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/112049 title Debian DLA-1473-1 : otrs2 security update NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-748.NASL description This update for otrs to version 4.0.32 fixes the following issues : These security issues were fixed : - CVE-2018-16586: An attacker could have sent a malicious email to an OTRS system. If a logged in user opens it, the email could have caused the browser to load external image or CSS resources (bsc#1109822). - CVE-2018-16587: An attacker could have sent a malicious email to an OTRS system. If a user with admin permissions opens it, it caused deletions of arbitrary files that the OTRS web server user has write access to (bsc#1109823). - CVE-2018-14593: An attacker who is logged into OTRS as an agent may have escalated their privileges by accessing a specially crafted URL (bsc#1103800). These non-security issues were fixed : - fixed permissions file @OTRS_ROOT@/var/tmp -> @OTRS_ROOT@/var/tmp/ - ACL for Action AgentTicketBulk were inconsistent. last seen 2020-06-01 modified 2020-06-02 plugin id 123320 published 2019-03-27 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123320 title openSUSE Security Update : otrs (openSUSE-2019-748)