Vulnerability Description
Unspecified vulnerability in Kernel/Modules/AdminPackageManager.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.x before 2.4.11 and 3.x before 3.0.10 allows remote authenticated administrators to read arbitrary files via unknown vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Otrs | Otrs | 2.0.0 |
References
- http://lists.opensuse.org/opensuse-updates/2011-09/msg00011.html
- http://otrs.org/advisory/OSA-2011-03-en/Vendor Advisory
- http://secunia.com/advisories/45701Vendor Advisory
- http://secunia.com/advisories/45894
- http://www.osvdb.org/74602
- http://www.securityfocus.com/bid/49251
- http://lists.opensuse.org/opensuse-updates/2011-09/msg00011.html
- http://otrs.org/advisory/OSA-2011-03-en/Vendor Advisory
- http://secunia.com/advisories/45701Vendor Advisory
- http://secunia.com/advisories/45894
- http://www.osvdb.org/74602
- http://www.securityfocus.com/bid/49251
FAQ
What is CVE-2011-2746?
CVE-2011-2746 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Unspecified vulnerability in Kernel/Modules/AdminPackageManager.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.x before 2.4.11 and 3.x before 3.0.10 allows remote authenticated administrators ...
How severe is CVE-2011-2746?
CVE-2011-2746 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-2746?
Check the references section above for vendor advisories and patch information. Affected products include: Otrs Otrs.