Published: 28/09/2018 Updated: 24/08/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

In Open Ticket Request System (OTRS) 4.0.x prior to 4.0.32, 5.0.x prior to 5.0.30, and 6.0.x prior to 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources.

Vulnerable Product	Search on Vulmon	Subscribe to Product
otrs open ticket request system
debian debian linux 8.0
debian debian linux 9.0

Three vulnerabilities were discovered in the Open Ticket Request System which could result in privilege escalation or denial of service For the stable distribution (stretch), these problems have been fixed in version 5016-1+deb9u6 We recommend that you upgrade your otrs2 packages For the detailed security status of otrs2 please refer to its se ...

NVD-CWE-noinfo https://lists.debian.org/debian-lts-announce/2018/09/msg00033.html https://github.com/OTRS/otrs/commit/baa92df09145b8ae2702a3a0e85d8ba55ec96302 https://github.com/OTRS/otrs/commit/a808859a75c59ae3b7568f5cc4708c53462aa4c7 https://github.com/OTRS/otrs/commit/09e80c7752b0d9080688e4597c7495dd109e0963 https://community.otrs.com/security-advisory-2018-05-security-update-for-otrs-framework/https://www.debian.org/security/2018/dsa-4317 https://www.debian.org/security/./dsa-4317 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-16586

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect