Plugins Database As of 12-06-2019

Total Plugins 68,728

Dashboard Categories Web application abuses

Heads up! Mageni's Platform can help you to continuously find & fix your vulnerabilities. It is free and always will be.

Download it Now Click Here Now

OTRS 5.0.x < 5.0.37, 6.0.x < 6.0.20, 7.0.x < 7.0.9 Information Disclosure Vulnerability

Web application abuses

Impact by CVSS Score

ID: 1.3.6.1.4.1.25623.1.0.112637

CVSS Base Vector:
AV:N/AC:L/Au:M/C:P/I:N/A:N

Detection Type:
Remote Banner Unreliable

Solution Type:
Vendor Patch

Summary:
OTRS is prone to an information disclosure vulnerability.

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS tags in templates in order to disclose hashed user passwords.

Affected Versions:
OTRS 5.0.x through 5.0.36, 6.0.x through 6.0.19 and 7.0.x through 7.0.8.

Recommendations:
Update to version 5.0.37, 6.0.20, 7.0.9 or later.

Severity

Low

CVSS Score

3.3

Published

2019-08-22 09:07:11

Modified

2019-08-22 09:32:29

CVE

CVE-2019-13458

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.

Scanning Plugins

Plugins Categories

CVE Database

Documentation

To perform a search, type a word and hit enter. Some suggestions are:

OTRS 5.0.x < 5.0.37, 6.0.x < 6.0.20, 7.0.x < 7.0.9 Information Disclosure Vulnerability

Web application abuses

You never have to pay for a vulnerability scanning and management software again.