- Description
- An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected
- Source
- security@otrs.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 3.5
- Impact score
- 1.4
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
- Severity
- LOW
- security@otrs.com
- CWE-269
- Hype score
- Not currently trending
CVE-2024-43446 An improper privilege management vulnerability in OTRS Generic Interface... https://t.co/CPyJHJTtTR Vulnerability Notification: https://t.co/xhLrNnfyrO
@VulmonFeeds
27 Jan 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-43446 An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This is… https://t.co/gnGmbxxfmW
@CVEnew
27 Jan 2025
381 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes