Vulnerabilities (CVE)

Filtered by vendor Otrs Subscribe

Filtered by product Otrs Itsm

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-36100	1 Otrs	3 Otrs, Otrs Itsm, Otrs Storm	2022-07-12	9.0 HIGH	8.8 HIGH
Specially crafted string in OTRS system configuration can allow the execution of any system command.
CVE-2013-4717	1 Otrs	2 Otrs, Otrs Itsm	2021-08-17	6.5 MEDIUM	8.8 HIGH
Multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm, Kernel/System/CustomerCompany.pm, Kernel/System/Ticket/IndexAccelerator/RuntimeDB.pm, Kernel/System/Ticket/IndexAccelerator/StaticDB.pm, and Kernel/System/TicketSearch.pm.