The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of OTRS Help Desk

OTRS Help Desk: privilege escalation via LDAP
An attacker can bypass restrictions via LDAP of OTRS Help Desk, in order to escalate his privileges...
CVE-2020-1778, OSA-2020-16, VIGILANCE-VUL-33956
OTRS: information disclosure via Chat Conversation Agent Names
An attacker can bypass access restrictions to data via Chat Conversation Agent Names of OTRS, in order to obtain sensitive information...
CVE-2020-1777, OSA-2020-14, OSA-2020-15, VIGILANCE-VUL-33541
OTRS Help Desk: information disclosure via Renamed Agent User
An attacker can bypass access restrictions to data via Renamed Agent User of OTRS Help Desk, in order to obtain sensitive information...
CVE-2020-1776, OSA-2020-13, VIGILANCE-VUL-32881
OTRS Help Desk: information disclosure via BCC Recipients List
An attacker can bypass access restrictions to data via BCC Recipients List of OTRS Help Desk, in order to obtain sensitive information...
CVE-2020-1775, OSA-2020-12, VIGILANCE-VUL-32459
OTRS Help Desk: private key disclosure
An attacker can bypass access restrictions to data in OTRS Help Desk, in order to obtain sensitive information...
CVE-2020-1774, DLA-2198-1, OSA-2020-11, VIGILANCE-VUL-32107
jQuery Core: Cross Site Scripting via HtmlPrefilter Regex
An attacker can trigger a Cross Site Scripting via HtmlPrefilter Regex of jQuery Core, in order to run JavaScript code in the context of the web site...
20200601, 20200602, 20200603, 20200604, 20200605, 6217392, 6253319, 6344075, 6367943, CERTFR-2020-AVI-310, CERTFR-2020-AVI-335, CERTFR-2020-AVI-797, cpujan2021, cpujul2020, cpuoct2020, CVE-2020-11022, CVE-2020-11023, DRUPAL-SA-CORE-2020-002, DRUPAL-SA-CORE-2020-003, DSA-2020-262, DSA-2020-270, DSA-4693-1, FEDORA-2020-0b32a59b54, FEDORA-2020-11be4b36d4, FEDORA-2020-7dddce530c, FEDORA-2020-8a15713da2, FEDORA-2020-fbb94073a1, K02453220, K66544153, KM03758436, NPM-1518, openSUSE-SU-2020:1060-1, openSUSE-SU-2020:1106-1, openSUSE-SU-2020:1888-1, OSA-2020-14, RHSA-2020:3936-01, RHSA-2020:4670-01, RHSA-2020:4847-01, TNS-2020-10, VIGILANCE-VUL-32007
OTRS Help Desk: five vulnerabilities
An attacker can use several vulnerabilities of OTRS Help Desk...
CVE-2020-1769, CVE-2020-1770, CVE-2020-1771, CVE-2020-1772, CVE-2020-1773, DLA-2198-1, openSUSE-SU-2020:0551-1, openSUSE-SU-2020:1475-1, OSA-2020-06, OSA-2020-07, OSA-2020-08, OSA-2020-09, OSA-2020-10, VIGILANCE-VUL-31896
OTRS Help Desk: spoofing via Spoofed Draft Messages
An attacker can create spoofed data via Spoofed Draft Messages of OTRS Help Desk, because of jQuery (VIGILANCE-VUL-29030), in order to deceive the victim...
CVE-2019-11358, OSA-2020-05, VIGILANCE-VUL-31545
OTRS Help Desk: unexpired session via SessionMaxIdleTime Ignored
Background tasks are counted for SessionMaxIdleTime of OTRS Help Desk, so an attacker can ensure that his session will never expire...
CVE-2020-1768, VIGILANCE-VUL-31544
OTRS Help Desk: information disclosure via Drafted Messages Spoofing
An attacker can bypass access restrictions to data via Drafted Messages Spoofing of OTRS Help Desk, in order to obtain sensitive information...
CVE-2020-1767, DLA-2079-1, OSA-2020-03, VIGILANCE-VUL-31295
Our database contains other pages. You can request a free trial to read them.

Display information about OTRS Help Desk: