Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [announce]New Security Updates for OTRS

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [announce]New Security Updates for OTRS


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Erkan Yilmaz <erkan.yilmaz AT otrs.com>
  • To: announce AT otrs.org
  • Subject: [IT-SecNots] [announce]New Security Updates for OTRS
  • Date: Mon, 21 Mar 2022 10:16:51 +0100
  • Archived-at: <>
  • List-archive: <>
  • List-id: "Announcements about OTRS.org" <announce.lists.otrs.org>

image

Security Advisories

Dear reader,

The following security fix/es was/were made:

OTRS Security Advisory 2022-03

ID: OSA-2022-03
Date: 2022-03-21
Title: Authenticated remote code execution
Severity: 6.4 MEDIUM
Product: OTRS 8.0.x, OTRS 7.0.x, OTRSSTORM 8.0.x, OTRSSTORM 7.0.x, SystemMonitoring 8.0.x, SystemMonitoring 7.0.x
Fixed in: OTRS 8.0.20, OTRS 7.0.33, OTRSSTORM 8.0.12, OTRSSTORM 7.0.28, SystemMonitoring 8.0.9, SystemMonitoring 7.0.19
FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
References: CVE-2021-36100


OTRS Security Advisory 2022-05

ID: OSA-2022-05
Date: 2022-03-21
Title: Possible XSS attack via translation
Severity: 3.5 LOW
Product: OTRS 7.0.x, OTRS 8.0.x
Fixed in: OTRS 7.0.33, OTRS 8.0.20
FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
References: CVE-2022-0475


OTRS Security Advisory 2022-06

ID: OSA-2022-06
Date: 2022-03-21
Title: Information disclosure in the External Interface
Severity: 4.3 MEDIUM
Product: OTRS 7.0.x, OTRS 8.0.x
Fixed in: OTRS 7.0.33, OTRS 8.0.20
FULL CVSS v3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References: CVE-2022-1004


To read the entire Security Advisory/Advisories, please follow this link:
https://otrs.com/overview-release-notes-security-advisories/security-advisories/ 
Kind regards, 
Your OTRS release team 
image

Subscribe to the OTRS Newsletter.

Read about OTRS service management solutions, product features, and interesting tips from our experts every month. Simply select your desired language.

Facebook Twitter LinkedIn YouTube Instagram


Attachment: smime.p7s
Description: S/MIME cryptographic signature

--
_______________________________________________
announce mailing list -- announce AT lists.otrs.org
To unsubscribe send an email to announce-leave AT lists.otrs.org
To manage your subscription or browse the message archive visit:
https://lists.otrs.org/postorius/lists/announce.lists.otrs.org/

  • [IT-SecNots] [announce]New Security Updates for OTRS, Erkan Yilmaz, 21.03.2022

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang