Otrs Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Service Management Software	24
Accounting Software	2
Ticket Tracking Software	2
Survey Software	2

Product

OTRS Community Edition	20
OTRS Time Accounting	2
OTRS Open Ticket Request System	2
OTRS OTRSTicketForms	2
OTRS OTRSCIsInCustomerFrontend	2

Remediation

Official Fix	14
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	16

Exploitability

High	0
Functional	0
Proof-of-Concept	2
Unproven	0
Not Defined	28

Access Vector

Not Defined	0
Physical	0
Local	2
Adjacent	4
Network	24

Authentication

Not Defined	0
High	10
Low	16
None	4

User Interaction

Not Defined	0
Required	24
None	6

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	4
≤4	14
≤5	6
≤6	2
≤7	0
≤8	4
≤9	0
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	4
≤4	14
≤5	6
≤6	2
≤7	0
≤8	4
≤9	0
≤10	0

VulDB

≤1	0
≤2	0
≤3	8
≤4	10
≤5	4
≤6	4
≤7	4
≤8	0
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	2
≤4	4
≤5	6
≤6	0
≤7	0
≤8	2
≤9	0
≤10	2

CNA

≤1	0
≤2	0
≤3	2
≤4	4
≤5	0
≤6	0
≤7	4
≤8	2
≤9	0
≤10	0

Vendor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	16
<2k	14
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Today

<1k	30
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Market Volume

🔴 CTI Activities

Affected Products (10): Community Edition (22), FAQ (1), Help Desk (1), Help Desk before (1), ITSM (1), OTRSCIsInCustomerFrontend (1), OTRSTicketForms (1), Open Ticket Request System (2), Survey (1), Time Accounting (1)

Published	Base	Temp	Vulnerability	Prod	Exp	Rem	EPSS	CTI	CVE
03/20/2023	5.2	5.1	OTRS Community Edition Ticket Action Module cross site scripting	Service Management Software	Not Defined	Official Fix	0.00063	0.04	CVE-2023-1248
03/20/2023	7.2	7.1	OTRS Community Edition ACL Module code injection	Service Management Software	Not Defined	Official Fix	0.00042	0.00	CVE-2023-1250
12/19/2022	7.5	7.4	OTRS Community Edition TicketSearch Webservice sql injection	Service Management Software	Not Defined	Official Fix	0.00132	0.05	CVE-2022-4427
09/06/2021	3.5	3.5	OTRS Community Edition Appointment Edit Screen cross site scripting	Service Management Software	Not Defined	Not Defined	0.00054	0.00	CVE-2021-36094
09/06/2021	2.7	2.7	OTRS Community Edition Folder information disclosure	Service Management Software	Not Defined	Not Defined	0.00065	0.00	CVE-2021-36096
09/06/2021	3.7	3.7	OTRS Community Edition Lost Password information disclosure	Service Management Software	Not Defined	Not Defined	0.00073	0.00	CVE-2021-36095
09/06/2021	5.3	5.3	OTRS Community Edition Email denial of service	Service Management Software	Not Defined	Not Defined	0.00085	0.00	CVE-2021-36093
08/10/2021	3.5	3.4	OTRS Open Ticket Request System cross site scripting	Ticket Tracking Software	Not Defined	Official Fix	0.00066	0.04	CVE-2013-4718
08/10/2021	6.3	6.0	OTRS Open Ticket Request System PreferencesCustomQueue.pm sql injection	Ticket Tracking Software	Not Defined	Official Fix	0.00110	0.00	CVE-2013-4717
07/26/2021	4.3	4.3	OTRS Community Edition Email cross site scripting	Service Management Software	Not Defined	Not Defined	0.00078	0.00	CVE-2021-36092

20 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 20 results.

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!