← Zuruck zu CVEs

CVE-2011-1433

N/A

Beschreibung

The (1) AgentInterface and (2) CustomerInterface components in Open Ticket Request System (OTRS) before 3.0.6 place cleartext credentials into the session data in the database, which makes it easier for context-dependent attackers to obtain sensitive information by reading the _UserLogin and _UserPW fields.

CVE Details

CVSS v3.1 BewertungN/A

Veroffentlicht3/18/2011

Zuletzt geandert4/29/2026

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

otrs:otrs

Schwachen (CWE)

CWE-310

Referenzen

http://bugs.otrs.org/show_bug.cgi?id=6878(cve@mitre.org)

http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807(cve@mitre.org)

https://exchange.xforce.ibmcloud.com/vulnerabilities/66196(cve@mitre.org)

http://bugs.otrs.org/show_bug.cgi?id=6878(af854a3a-2127-422b-91ae-364da2661108)

http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807(af854a3a-2127-422b-91ae-364da2661108)

https://exchange.xforce.ibmcloud.com/vulnerabilities/66196(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.