CVE-2025-24389

Published Jan 27, 2025

Last updated a month ago

CVSS medium 6.3

Overview

Description
Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected
Source
security@otrs.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.3
Impact score
5.2
Exploitability score
1
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Severity
MEDIUM

Weaknesses

security@otrs.com
CWE-532

Social media

Hype score
Not currently trending

  1. CVE-2025-24389 Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system admini… https://t.co/g3RLnc4WZd

    @CVEnew

    27 Jan 2025

    407 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References