admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-434xx/CVE-2024-43446.json
cad-safe-bot f9efda4aae Auto-Update: 2025-02-09T03:00:20.560002+00:00
2025-02-09 03:03:48 +00:00

60 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-43446",
"sourceIdentifier": "security@otrs.com",
"published": "2025-01-27T06:15:24.033",
"lastModified": "2025-01-27T06:15:24.033",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. \n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n\n * ((OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
},
{
"lang": "es",
"value": "Una vulnerabilidad de administraci\u00f3n de privilegios incorrecta en el m\u00f3dulo de interfaz gen\u00e9rica de OTRS permite cambiar el estado del ticket incluso si el usuario solo tiene permisos ro. Este problema afecta a: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * ((OTRS)) Community Edition: 6.0.x Es muy probable que los productos basados ??en ((OTRS)) Community Edition tambi\u00e9n se vean afectados"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@otrs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@otrs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-02/",
"source": "security@otrs.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink