Vulnerability Description
In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission can open a specific URL in a browser to gain administrative privileges (full access). Afterwards, all system settings can be read and changed. The URLs in question contain index.pl?Action=Installer with ;Subaction=Intro, ;Subaction=Start or ;Subaction=System appended at the end, i.e. the web installer's dialog remains reachable through the normal agent front end on an already installed system.
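As an added detection example (written for this page; it is not code from the original page, from the OTRS project or from the advisories referenced below), the Python script below scans web-server access-log lines for requests to index.pl?Action=Installer and reports which Subaction was requested and whether the server answered with a 2xx. It assumes combined-format (Apache/nginx style) access logs with OTRS served under /otrs/; the log lines are constructed sample data. Two design choices go beyond the description above and are assumptions: every Action=Installer request is reported (the three Subactions named in the description are marked as matching the advisory), and '&' and percent-encoded separators are accepted alongside the ';' the advisory URLs use, so that re-encoding the request does not dodge the match.

```python
import re
from urllib.parse import unquote, urlsplit

# The three installer Subactions the advisory names for CVE-2017-9324.
ADVISORY_SUBACTIONS = {"Intro", "Start", "System"}

# Combined-format access log line (Apache/nginx style). Only the fields the
# detector needs are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def parse_otrs_params(query):
    """Split an OTRS query string into a dict.

    The advisory URLs use ';' between parameters. Accepting '&' and
    percent-encoded separators (%3B, %26) as well is an assumption made
    here so that a re-encoded request still matches.
    """
    decoded = unquote(query)
    params = {}
    for part in re.split(r"[;&]", decoded):
        if not part:
            continue
        key, _, value = part.partition("=")
        params[key] = value
    return params


def installer_subaction(path):
    """Return the Subaction of a request to index.pl?Action=Installer,
    '' if the installer is requested with no Subaction, or None if the
    request is not an installer request at all."""
    parts = urlsplit(path)
    if not parts.path.endswith("index.pl"):
        return None
    params = parse_otrs_params(parts.query)
    if params.get("Action") != "Installer":
        return None
    return params.get("Subaction", "")


def find_installer_access(log_text):
    """Scan access-log text and report every request that reaches the
    installer front end. 'named' marks the Subactions listed in the
    advisory; 'served' means the server answered with a 2xx status, so
    the installer dialog was reachable for that request."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        sub = installer_subaction(m["path"])
        if sub is None:
            continue
        status = int(m["status"])
        hits.append({
            "ip": m["ip"],
            "ts": m["ts"],
            "method": m["method"],
            "subaction": sub,
            "named": sub in ADVISORY_SUBACTIONS,
            "status": status,
            "served": 200 <= status < 300,
        })
    return hits


# Constructed sample log: one normal agent request, three installer hits
# (one of them percent-encoded), and one installer request that was refused.
SAMPLE_LOG = """\
10.0.0.5 - - [30/May/2017:10:12:01 +0000] "GET /otrs/index.pl?Action=AgentTicketZoom;TicketID=42 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.5 - - [30/May/2017:10:13:44 +0000] "GET /otrs/index.pl?Action=Installer;Subaction=Intro HTTP/1.1" 200 8410 "-" "Mozilla/5.0"
10.0.0.5 - - [30/May/2017:10:14:02 +0000] "POST /otrs/index.pl?Action=Installer;Subaction=System HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
10.0.0.9 - - [30/May/2017:10:20:17 +0000] "GET /otrs/index.pl?Action%3DInstaller%3BSubaction%3DStart HTTP/1.1" 200 8410 "-" "curl/7.52.1"
10.0.0.7 - - [30/May/2017:10:21:00 +0000] "GET /otrs/index.pl?Action=Installer;Subaction=Intro HTTP/1.1" 403 199 "-" "Mozilla/5.0"
"""

if __name__ == "__main__":
    for hit in find_installer_access(SAMPLE_LOG):
        flag = "ADVISORY" if hit["named"] else "other"
        print(f'{hit["ts"]} {hit["ip"]} {hit["method"]} '
              f'Subaction={hit["subaction"] or "-"} status={hit["status"]} [{flag}]')
```

On a production OTRS instance no legitimate traffic should reach the installer at all, so every hit is worth investigating; a 2xx answer from an unpatched version is the indicator that the dialog was actually served to the requester, and the source IP can then be correlated with the agent session logged by OTRS itself.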
CVSS Score
8.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Otrs | Otrs | >= 3.3.0, <= 3.3.16 |
| Otrs | Otrs | >= 4.0.0, <= 4.0.23 |
| Otrs | Otrs | >= 5.0.0, <= 5.0.19 |
| Debian | Debian Linux | 8.0 |
Related Weaknesses (CWE)
References
- http://www.debian.org/security/2017/dsa-3876 (Third Party Advisory)
- https://packetstormsecurity.com/files/142862/OTRS-Install-Dialog-Disclosure.html (Mailing List, Third Party Advisory, VDB Entry)
- https://www.otrs.com/security-advisory-2017-03-security-update-otrs-versions/ (Vendor Advisory)
FAQ
What is CVE-2017-9324?
CVE-2017-9324 is a vulnerability with a CVSS score of 8.8 (HIGH). In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission can open a specific URL (index.pl?Action=Installer with ;Subaction=Intro, ;Subaction=Start or ;Subaction=System appended) in a browser to gain administrative privileges, after which all system settings can be read and changed.
How severe is CVE-2017-9324?
CVE-2017-9324 has been rated HIGH with a CVSS base score of 8.8/10. The page lists only the base score; a per-metric breakdown is not given here.
Is there a patch for CVE-2017-9324?
Yes. The vendor advisory (OTRS Security Advisory 2017-03) and Debian DSA-3876 in the references section above carry the fixed packages; the affected ranges end at 3.3.16, 4.0.23 and 5.0.19, so upgrade to a later release of the respective branch. Affected products include: Otrs Otrs, Debian Debian Linux.