CVE-2018-14593
HIGH8.8EPSS 0.65%otrs2 - security update
Published: 8/4/2018Modified: 4/28/2026
Also known as:DEBIAN-CVE-2018-14593
Description
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
Affected packages (3)
- Debian/otrs2from 0, < 6.0.10-1
- Debian/otrs2from 0, < 3.3.18-1+deb8u5
- Debian/otrs2from 0, < 5.0.16-1+deb9u6
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |