ID de Prueba:	1.3.6.1.4.1.25623.1.0.803944
Categoría:	Web application abuses
Título:	OTRS ITSM Multiple Input Validation Vulnerability (OSA-2013-05)
Resumen:	OTRS (Open Ticket Request System) or OTRS:ITSM is prone to multiple input validation vulnerability.
Descripción:	Summary: OTRS (Open Ticket Request System) or OTRS:ITSM is prone to multiple input validation vulnerability. Vulnerability Insight: An error exists in AgentITSMConfigItemSearch which does not sanitize user-supplied input properly. Vulnerability Impact: Successful exploitation will allow remote attackers to gain access steal the victim's cookie-based authentication credentials or execute SQL query. Affected Software/OS: OTRS (Open Ticket Request System) version 3.0.x up to and including 3.0.21, 3.1.x up to and including 3.1.17 and 3.2.x up to and including 3.2.8. OTRS::ITSM 3.0.x up to and including 3.0.8, 3.1.x up to and including 3.1.9 and 3.2.x up to and including 3.2.6 Solution: Upgrade to OTRS (Open Ticket Request System) version 3.0.22, 3.1.18, 3.2.9 or later, and OTRS::ITSM version 3.0.9, 3.1.10, 3.2.7 or apply the patch from the referenced vendor advisory. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4717 https://web.archive.org/web/20130817120539/http://www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2013-05/ Common Vulnerability Exposure (CVE) ID: CVE-2013-4718
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.