Test Kennung:	1.3.6.1.4.1.25623.1.0.803944
Kategorie:	Web application abuses
Titel:	OTRS ITSM Multiple Input Validation Vulnerability
Zusammenfassung:	This host is installed with OTRS (Open Ticket Request System) or OTRS:ITSM; and is prone to multiple input validation vulnerability.
Beschreibung:	Summary: This host is installed with OTRS (Open Ticket Request System) or OTRS:ITSM and is prone to multiple input validation vulnerability. Vulnerability Insight: An error exists in AgentITSMConfigItemSearch which does not sanitize user-supplied input properly. Vulnerability Impact: Successful exploitation will allow remote attackers to gain access steal the victim's cookie-based authentication credentials or execute SQL query. Affected Software/OS: OTRS (Open Ticket Request System) version 3.0.x up to and including 3.0.21, 3.1.x up to and including 3.1.17 and 3.2.x up to and including 3.2.8. OTRS::ITSM 3.0.x up to and including 3.0.8, 3.1.x up to and including 3.1.9 and 3.2.x up to and including 3.2.6 Solution: Upgrade to OTRS (Open Ticket Request System) version 3.0.22, 3.1.18, 3.2.9 or later, and OTRS::ITSM version 3.0.9, 3.1.10, 3.2.7 or apply the patch from the referenced vendor advisory. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Querverweis:	BugTraq ID: 61036 BugTraq ID: 61037 Common Vulnerability Exposure (CVE) ID: CVE-2013-4717 https://web.archive.org/web/20130817120539/http://www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2013-05/ Common Vulnerability Exposure (CVE) ID: CVE-2013-4718
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.