Vulnerabilities > CVE-2019-10065 - Unspecified vulnerability in Otrs

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

otrs

NVD

Published: 2020-03-10

Updated: 2020-08-24

Summary

An issue was discovered in Open Ticket Request System (OTRS) 7.0 through 7.0.6. An attacker who is logged into OTRS as a customer user can use the search result screens to disclose information from internal FAQ articles, a different vulnerability than CVE-2019-9753.

Vulnerable Configurations

Part	Description	Count
Application	Otrs Otrs Otrs 7.0.0 Otrs Otrs 7.0.4 Otrs Otrs 7.0.5 Otrs Otrs 7.0.6	6

References

https://otrs.com/release-notes/otrs-security-advisory-2019-07/
https://community.otrs.com/category/release-and-security-notes-en/