Home » OTRS: IT safety alert about new vulnerabilities

OTRS: IT safety alert about new vulnerabilities

by admin
OTRS: IT safety alert about new vulnerabilities

There is a present IT safety alert for OTRS. You can discover out what the dangers are, which merchandise are affected and what you are able to do right here.

Federal workplace for Security in Information Technology (BSI) issued an OTRS safety advisory on 2 June 2024. Linux and Windows working methods and the OTRS product OTRS are affected by the safety hole.

The newest producer suggestions for updates, workarounds and safety patches for this vulnerability may be discovered right here: OTRS Security Advisory 2024-05 (Stop: 02.06.2024).

OTRS safety discover – Risk: reasonable

Risk stage: 4 (reasonable)
CVSS Base Score: 6.3
CVSS provisional rating: 5.5
Remote management: Ja

The Common Vulnerability Scoring System (CVSS) is used to evaluate the severity of vulnerabilities in laptop methods. The CVSS customary makes it attainable to check potential or precise safety dangers primarily based on numerous standards to create a precedence checklist for countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, consumer interplay) and its outcomes. Temporary scores additionally keep in mind modifications over time within the danger state of affairs. According to the CVSS, the present vulnerability danger is assessed as “inner” with 6.3 foundation factors.

OTRS bug: Vulnerability permits code execution

The Open Ticket Request System (OTRS) is a ticketing system for assist desks.

A distant, licensed attacker might exploit a vulnerability in OTRS to execute arbitrary code.

Vulnerabilities are recognized by a CVE (Common Vulnerabilities and Exposures) ID quantity. CVE-2024-23793 on the market.

See also  US committee even defends neo-Nazi group to attack Brazil

Programs affected by the OTRS safety vulnerability at a look

Operating methods
Linux, Windows


General steps for coping with IT vulnerabilities

  1. Users of affected methods ought to keep up-to-date. When safety holes are recognized, producers are required to repair them rapidly by creating a patch or workaround. When new safety updates can be found, set up them instantly.
  2. For data, see the sources listed within the subsequent part. This typically comprises extra details about the newest model of the software program in query and the supply of safety patches or efficiency suggestions.
  3. If you will have any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to repeatedly examine the desired sources to see if a brand new safety replace is out there.

Sources for updates, patches and workarounds

Here you’ll discover some hyperlinks with details about bug stories, safety fixes and workarounds.

OTRS Security Advisory 2024-05 vom 2024-06-02 (02.06.2024)
For extra data, see:

Version historical past of this safety alert

This is the primary model of this OTRS IT safety discover. This doc will probably be up to date as updates are introduced. You can examine modifications or additions on this model historical past.

June 2, 2024 – First model

+++ Editorial observe: This doc relies on present BSI knowledge and will probably be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++

comply with News.de you’re right here Facebook, Twitter, Pinterest once more YouTube? Here you’ll discover scorching information, present movies and a direct line to the editorial staff.

See also  A (paid) sabbatical year to launch a startup in Italy: the Scientifica venture project


You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy