cvelistv5 - cve-2024-43445

CVE-2024-43445 (GCVE-0-2024-43445)

Vulnerability from cvelistv5 – Published: 2025-01-27 05:58 – Updated: 2025-02-12 20:41

Summary

A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected

Severity ?

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE

CWE-20 - Improper Input Validation

Assigner

OTRS

References

URL

Tags

https://otrs.com/release-notes/otrs-security-advi…

vendor-advisory

Impacted products

Vendor

Product

Version

OTRS AG

OTRS

Affected: 7.0.x
Affected: 8.0.x
Affected: 2023.x
Affected: 2024.x
Affected: 2025.x , < 2025.1.x (Patch)

OTRS AG

((OTRS)) Community Edition

Affected: 6.0.x , ≤ 6.0.34 (All)

Credits

Special thanks to Alissa Kim for reporting this vulnerability.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-43445",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-27T13:36:30.418831Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T20:41:31.932Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "OTRS",
          "vendor": "OTRS AG",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.x"
            },
            {
              "status": "affected",
              "version": "8.0.x"
            },
            {
              "status": "affected",
              "version": "2023.x"
            },
            {
              "status": "affected",
              "version": "2024.x"
            },
            {
              "lessThan": "2025.1.x",
              "status": "affected",
              "version": "2025.x",
              "versionType": "Patch"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "((OTRS)) Community Edition",
          "vendor": "OTRS AG",
          "versions": [
            {
              "lessThanOrEqual": "6.0.34",
              "status": "affected",
              "version": "6.0.x",
              "versionType": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Special thanks to Alissa Kim for reporting this vulnerability."
        }
      ],
      "datePublic": "2025-01-27T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header \u003ccode\u003eX-Content-Type-Options\u003c/code\u003e to \u003ccode\u003enosniff\u003c/code\u003e. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. \u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003e((OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cbr\u003e"
            }
          ],
          "value": "A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. \n\nThis issue affects: \n\n  *  OTRS 7.0.X\n\n  *  OTRS 8.0.X\n  *  OTRS 2023.X\n  *  OTRS 2024.X\n\n  *  ((OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-148",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-148 Content Spoofing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-27T05:58:11.722Z",
        "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "shortName": "OTRS"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-01/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
            }
          ],
          "value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches"
        }
      ],
      "source": {
        "advisory": "OSA-2025-01",
        "defect": [
          "Issue#1708",
          "Ticket#2024110542002023"
        ],
        "discovery": "USER"
      },
      "title": "Missing X-Content-Type-Options: nosniff Header Allows MIME Type Sniffing",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
    "assignerShortName": "OTRS",
    "cveId": "CVE-2024-43445",
    "datePublished": "2025-01-27T05:58:11.722Z",
    "dateReserved": "2024-08-13T13:38:47.973Z",
    "dateUpdated": "2025-02-12T20:41:31.932Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-43445\",\"sourceIdentifier\":\"security@otrs.com\",\"published\":\"2025-01-27T06:15:23.743\",\"lastModified\":\"2025-01-27T06:15:23.743\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. \\n\\nThis issue affects: \\n\\n  *  OTRS 7.0.X\\n\\n  *  OTRS 8.0.X\\n  *  OTRS 2023.X\\n  *  OTRS 2024.X\\n\\n  *  ((OTRS)) Community Edition: 6.0.x\\n\\nProducts based on the ((OTRS)) Community Edition also very likely to be affected\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad en OTRS y ((OTRS Community Edition)) que no configura el encabezado de respuesta HTTP X-Content-Type-Options como nosniff. Un atacante podr\u00eda aprovechar esta vulnerabilidad al cargar o insertar contenido que se tratar\u00eda como un tipo MIME diferente al previsto. Este problema afecta a: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * ((OTRS)) Community Edition: 6.0.x Los productos basados ??en ((OTRS)) Community Edition tambi\u00e9n son muy propensos a verse afectados\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@otrs.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security@otrs.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"references\":[{\"url\":\"https://otrs.com/release-notes/otrs-security-advisory-2025-01/\",\"source\":\"security@otrs.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-43445\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-27T13:36:30.418831Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-12T20:36:37.749Z\"}}], \"cna\": {\"title\": \"Missing X-Content-Type-Options: nosniff Header Allows MIME Type Sniffing\", \"source\": {\"defect\": [\"Issue#1708\", \"Ticket#2024110542002023\"], \"advisory\": \"OSA-2025-01\", \"discovery\": \"USER\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Special thanks to Alissa Kim for reporting this vulnerability.\"}], \"impacts\": [{\"capecId\": \"CAPEC-148\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-148 Content Spoofing\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"OTRS AG\", \"product\": \"OTRS\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.0.x\"}, {\"status\": \"affected\", \"version\": \"8.0.x\"}, {\"status\": \"affected\", \"version\": \"2023.x\"}, {\"status\": \"affected\", \"version\": \"2024.x\"}, {\"status\": \"affected\", \"version\": \"2025.x\", \"lessThan\": \"2025.1.x\", \"versionType\": \"Patch\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"OTRS AG\", \"product\": \"((OTRS)) Community Edition\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0.x\", \"versionType\": \"All\", \"lessThanOrEqual\": \"6.0.34\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2025-01-27T08:00:00.000Z\", \"references\": [{\"url\": \"https://otrs.com/release-notes/otrs-security-advisory-2025-01/\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. \\n\\nThis issue affects: \\n\\n  *  OTRS 7.0.X\\n\\n  *  OTRS 8.0.X\\n  *  OTRS 2023.X\\n  *  OTRS 2024.X\\n\\n  *  ((OTRS)) Community Edition: 6.0.x\\n\\nProducts based on the ((OTRS)) Community Edition also very likely to be affected\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eA vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header \u003ccode\u003eX-Content-Type-Options\u003c/code\u003e to \u003ccode\u003enosniff\u003c/code\u003e. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. \u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003e((OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8\", \"shortName\": \"OTRS\", \"dateUpdated\": \"2025-01-27T05:58:11.722Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-43445\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-12T20:41:31.932Z\", \"dateReserved\": \"2024-08-13T13:38:47.973Z\", \"assignerOrgId\": \"2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8\", \"datePublished\": \"2025-01-27T05:58:11.722Z\", \"assignerShortName\": \"OTRS\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-FG8C-FXJ5-QP3X

Vulnerability from github – Published: 2025-01-27 06:30 – Updated: 2025-01-27 06:30

Details

This issue affects:

OTRS 7.0.X
OTRS 8.0.X
OTRS 2023.X
OTRS 2024.X
((OTRS)) Community Edition: 6.0.x

Products based on the ((OTRS)) Community Edition also very likely to be affected

Severity ?

5.4 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-43445"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-27T06:15:23Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. \n\nThis issue affects: \n\n  *  OTRS 7.0.X\n\n  *  OTRS 8.0.X\n  *  OTRS 2023.X\n  *  OTRS 2024.X\n\n  *  ((OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected",
  "id": "GHSA-fg8c-fxj5-qp3x",
  "modified": "2025-01-27T06:30:26Z",
  "published": "2025-01-27T06:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43445"
    },
    {
      "type": "WEB",
      "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2024-43445

Vulnerability from fkie_nvd - Published: 2025-01-27 06:15 - Updated: 2025-01-27 06:15

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Summary

References

	URL	Tags
	security@otrs.com	https://otrs.com/release-notes/otrs-security-advisory-2025-01/

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. \n\nThis issue affects: \n\n  *  OTRS 7.0.X\n\n  *  OTRS 8.0.X\n  *  OTRS 2023.X\n  *  OTRS 2024.X\n\n  *  ((OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad en OTRS y ((OTRS Community Edition)) que no configura el encabezado de respuesta HTTP X-Content-Type-Options como nosniff. Un atacante podr\u00eda aprovechar esta vulnerabilidad al cargar o insertar contenido que se tratar\u00eda como un tipo MIME diferente al previsto. Este problema afecta a: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * ((OTRS)) Community Edition: 6.0.x Los productos basados ??en ((OTRS)) Community Edition tambi\u00e9n son muy propensos a verse afectados"
    }
  ],
  "id": "CVE-2024-43445",
  "lastModified": "2025-01-27T06:15:23.743",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "security@otrs.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-01-27T06:15:23.743",
  "references": [
    {
      "source": "security@otrs.com",
      "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-01/"
    }
  ],
  "sourceIdentifier": "security@otrs.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "security@otrs.com",
      "type": "Secondary"
    }
  ]
}

WID-SEC-W-2025-0193

Vulnerability from csaf_certbund - Published: 2025-01-26 23:00 - Updated: 2025-01-26 23:00

Summary

OTRS: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Das Open Ticket Request System (OTRS) ist ein Ticketsystem für Help-Desks.

Angriff

Ein Angreifer kann mehrere Schwachstellen in OTRS ausnutzen, um Daten zu manipulieren, vertrauliche Informationen preiszugeben, Sicherheitsmaßnahmen zu umgehen und sich unbefugten Zugang zu verschaffen.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das Open Ticket Request System (OTRS) ist ein Ticketsystem f\u00fcr Help-Desks.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in OTRS ausnutzen, um Daten zu manipulieren, vertrauliche Informationen preiszugeben, Sicherheitsma\u00dfnahmen zu umgehen und sich unbefugten Zugang zu verschaffen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0193 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0193.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0193 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0193"
      },
      {
        "category": "external",
        "summary": "OTRS Security Advisory vom 2025-01-26",
        "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-01/"
      },
      {
        "category": "external",
        "summary": "OTRS Security Advisory vom 2025-01-26",
        "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-02/"
      },
      {
        "category": "external",
        "summary": "OTRS Security Advisory vom 2025-01-26",
        "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-03/"
      },
      {
        "category": "external",
        "summary": "OTRS Security Advisory vom 2025-01-26",
        "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-04/"
      },
      {
        "category": "external",
        "summary": "OTRS Security Advisory vom 2025-01-26",
        "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-05/"
      }
    ],
    "source_lang": "en-US",
    "title": "OTRS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-26T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-27T12:11:51.617+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0193",
      "initial_release_date": "2025-01-26T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-01-26T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2025.1.x",
                "product": {
                  "name": "OTRS OTRS \u003c2025.1.x",
                  "product_id": "T040632"
                }
              },
              {
                "category": "product_version",
                "name": "2025.1.x",
                "product": {
                  "name": "OTRS OTRS 2025.1.x",
                  "product_id": "T040632-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:otrs:otrs:2025.1.x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7",
                "product": {
                  "name": "OTRS OTRS 7",
                  "product_id": "T040633",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:otrs:otrs:7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c2025.2.x",
                "product": {
                  "name": "OTRS OTRS \u003c2025.2.x",
                  "product_id": "T040634"
                }
              },
              {
                "category": "product_version",
                "name": "2025.2.x",
                "product": {
                  "name": "OTRS OTRS 2025.2.x",
                  "product_id": "T040634-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:otrs:otrs:2025.2.x"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OTRS"
          }
        ],
        "category": "vendor",
        "name": "OTRS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-43445",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in OTRS. Fehlende Sicherheits-Header erlauben es Web-Browsern, MIME-Type-Sniffing durchzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Inhalte einzuf\u00fcgen oder hochzuladen, die vom Browser falsch interpretiert werden, was zur Ausf\u00fchrung b\u00f6sartiger Skripte oder zur unbefugten Anzeige unbeabsichtigter Inhalte f\u00fchren kann. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040633",
          "T040632"
        ]
      },
      "release_date": "2025-01-26T23:00:00.000+00:00",
      "title": "CVE-2024-43445"
    },
    {
      "cve": "CVE-2025-24389",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in OTRS. Bestimmte Fehler der Upstream-Bibliotheken f\u00fchren dazu, dass sensible Daten, insbesondere SMTP-Passw\u00f6rter, in die Protokolldateien oder an Systemadministratoren gesendete E-Mails eingef\u00fcgt werden. Ein lokaler Angreifer, der Zugriff auf die Logdateien oder die administrativen E-Mails hat, kann diese Schwachstelle ausnutzen, um SMTP-Zugangsdaten offenzulegen. OTRS muss so konfiguriert werden, dass SMTP-Module anstelle von sendmail verwendet werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040633",
          "T040632"
        ]
      },
      "release_date": "2025-01-26T23:00:00.000+00:00",
      "title": "CVE-2025-24389"
    },
    {
      "cve": "CVE-2025-24387",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Sicherheitsl\u00fccke in OTRS. Eine CSRF-Schutz-Schwachstelle erm\u00f6glicht Session Hijacking. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um eine aktive Session zu \u00fcbernehmen, indem er den fehlenden CSRF-Schutz ausnutzt, um unautorisierte Leseoperationen durchzuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040634",
          "T040633",
          "T040632"
        ]
      },
      "release_date": "2025-01-26T23:00:00.000+00:00",
      "title": "CVE-2025-24387"
    },
    {
      "cve": "CVE-2025-43446",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in OTRS. Die Schwachstelle betrifft das Generic Interface Modul aufgrund von unsachgem\u00e4\u00dfem Privilegienmanagement. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und den Ticketstatus unberechtigt zu \u00e4ndern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040633",
          "T040632"
        ]
      },
      "release_date": "2025-01-26T23:00:00.000+00:00",
      "title": "CVE-2025-43446"
    },
    {
      "cve": "CVE-2025-24390",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in OTRS. Die Schwachstelle besteht aufgrund fehlender Cookie-Flags im OTRS Application Server und den Reverse-Proxy-Einstellungen, wodurch ein Session-Hijacking m\u00f6glich ist. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und sich unberechtigten Zugriff zu verschaffen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040633",
          "T040632"
        ]
      },
      "release_date": "2025-01-26T23:00:00.000+00:00",
      "title": "CVE-2025-24390"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-43445 (GCVE-0-2024-43445)

GHSA-FG8C-FXJ5-QP3X

FKIE_CVE-2024-43445

WID-SEC-W-2025-0193

Tags

Sightings

Nomenclature