Vulnerability Description
When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number.
CVSS Score
3.5
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Otrs | Calendar Resource Planning | >= 7.0.0, < 7.0.31 |
| Otrs | Otrs | >= 7.0.0, < 7.0.35 |
Related Weaknesses (CWE)
References
- https://otrs.com/release-notes/otrs-security-advisory-2022-07/Release NotesVendor Advisory
- https://otrs.com/release-notes/otrs-security-advisory-2022-07/Release NotesVendor Advisory
FAQ
What is CVE-2022-32739?
CVE-2022-32739 is a vulnerability with a CVSS score of 3.5 (LOW). When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number.
How severe is CVE-2022-32739?
CVE-2022-32739 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-32739?
Check the references section above for vendor advisories and patch information. Affected products include: Otrs Calendar Resource Planning, Otrs Otrs.