CVE-2017-14635

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-14635
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-14635.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-14635
Published
2017-09-21T13:29:00Z
Modified
2025-01-08T04:35:22.190851Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code injection.

Affected packages

Debian:11 / otrs2

Package

Name
otrs2
Purl
pkg:deb/debian/otrs2?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.0.23-1

Affected versions

2.*

2.0.4p01-6
2.0.4p01-7
2.0.4p01-8
2.0.4p01-9
2.0.4p01-10
2.0.4p01-11
2.0.4p01-12
2.0.4p01-13
2.0.4p01-14
2.0.4p01-14.1
2.0.4p01-15
2.0.4p01-16
2.0.4p01-17
2.0.4p01-18
2.0.99beta1-1
2.0.99beta1-2
2.1.1-1
2.1.3-1
2.1.4-1
2.1.4-2
2.1.5-1
2.1.5-2
2.1.5-3
2.1.6-1
2.1.7-1
2.1.7-2
2.2.0~beta2-1
2.2.0~beta3-1
2.2.1-1
2.2.2-1
2.2.3-1
2.2.4-1
2.2.5-1
2.2.5-2
2.2.6-1
2.2.7-1
2.2.7-2
2.2.7-2lenny1
2.2.7-2lenny2
2.2.7-2lenny3
2.2.7-3
2.3.2-1
2.3.2-2
2.3.3-1
2.3.4-1
2.3.4-2
2.3.4-3
2.3.4-4
2.3.4-5
2.3.4-6
2.3.4-7
2.4.5-1
2.4.5-2
2.4.5-3
2.4.5-4
2.4.5-5
2.4.6-1
2.4.6-2
2.4.7-1
2.4.7-2
2.4.7-3
2.4.7-4
2.4.7-5
2.4.7-6
2.4.7+dfsg1-1
2.4.8+dfsg1-1
2.4.9+dfsg1-1
2.4.9+dfsg1-2
2.4.9+dfsg1-3
2.4.9+dfsg1-3+squeeze1
2.4.9+dfsg1-3+squeeze3
2.4.9+dfsg1-3+squeeze4
2.4.9+dfsg1-3+squeeze5
2.4.9+dfsg1-4
2.4.9+dfsg1-5
2.4.10+dfsg1-1
2.4.10+dfsg1-2
2.4.10+dfsg1-3

3.*

3.0.8+dfsg1-1
3.0.9+dfsg1-1
3.0.10+dfsg1-1
3.0.10+dfsg1-2
3.0.11+dfsg1-1
3.1.0~beta4+dfsg1-1
3.1.0~beta5+dfsg1-1
3.1.0~rc1+dfsg1-1
3.1.1+dfsg1-1
3.1.1+dfsg1-2
3.1.2+dfsg1-1
3.1.2+dfsg1-2
3.1.2+dfsg1-3
3.1.3+dfsg1-1
3.1.3+dfsg1-2
3.1.4+dfsg1-1
3.1.5+dfsg1-1
3.1.5+dfsg1-2
3.1.5+dfsg1-3
3.1.6+dfsg1-1
3.1.7+dfsg1-1
3.1.7+dfsg1-2
3.1.7+dfsg1-3
3.1.7+dfsg1-4
3.1.7+dfsg1-5
3.1.7+dfsg1-6
3.1.7+dfsg1-7
3.1.7+dfsg1-8
3.1.8+dfsg1-1
3.1.9+dfsg1-1
3.1.10+dfsg1-1
3.1.11+dfsg1-1
3.1.12+dfsg1-1
3.1.12+dfsg1-2
3.1.12+dfsg1-3
3.2.1+dfsg1-1
3.2.2+dfsg1-1
3.2.3+dfsg1-1
3.2.4-1
3.2.5-1
3.2.6-1
3.2.6-2
3.2.7-1
3.2.7-2
3.2.8-1
3.2.9-1
3.2.9-2
3.2.10-1
3.2.10-2
3.2.11-1~bpo70+1
3.2.11-1
3.2.12-1
3.3.1-1
3.3.2-1
3.3.3-1
3.3.3-2
3.3.3-3
3.3.4-1
3.3.5-1
3.3.6-1
3.3.7-1
3.3.7-2
3.3.8-1
3.3.9-1
3.3.9-2
3.3.9-3~bpo70+1
3.3.9-3
3.3.10-1
3.3.11-1
3.3.18-1~deb7u1
3.3.18-1~deb7u2
3.3.18-1~deb7u3

4.*

4.0.5-1
4.0.5-2
4.0.6-1
4.0.7-1
4.0.7-2
4.0.8-1
4.0.9-1
4.0.10-1
4.0.11-1
4.0.12-1
4.0.13-1~bpo8+1
4.0.13-1

5.*

5.0.1-1
5.0.1-2
5.0.2-1
5.0.3-1
5.0.5-1
5.0.6-1~bpo8+1
5.0.6-1
5.0.7-1
5.0.8-1~bpo8+1
5.0.8-1
5.0.8+dfsg1-1
5.0.9+dfsg1-1
5.0.9+repack1-1
5.0.10-1~bpo8+1
5.0.10-1
5.0.11-1
5.0.12-1
5.0.13-1~bpo8+1
5.0.13-1
5.0.13-2
5.0.14-1~bpo8+1
5.0.14-1
5.0.15-1
5.0.16-1~bpo8+1
5.0.16-1
5.0.17-1
5.0.18-1
5.0.19-1
5.0.20-1
5.0.21-1~bpo9+1
5.0.21-1
5.0.22-1
5.0.23-1~bpo9+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/otrs/otrs

Affected ranges

Type
GIT
Repo
https://github.com/otrs/otrs
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

Other

rel-1_0_0-RC1
rel-1_0_0-RC2
rel-1_0_0-RC3
rel-1_0_0_rc1
rel-1_0_0_rc2
rel-1_0_0_rc3
rel-1_1_0-RC1
rel-1_1_0-RC2
rel-1_1_0_rc1
rel-1_1_0_rc2
rel-1_2_0-b1
rel-1_2_0-b2
rel-1_2_0-b3
rel-1_2_0_beta1
rel-1_2_0_beta2
rel-1_2_0_beta3
rel-1_2_1
rel-2_0_0-b1
rel-2_0_0_beta1
rel-2_0_1
rel-2_0_2
rel-2_0_3
rel-2_1_0-b1
rel-2_1_0-b2
rel-2_1_0_beta1
rel-2_1_0_beta2
rel-2_1_1
rel-2_1_2
rel-2_1_3
rel-2_2_0-b1
rel-2_2_0-b2
rel-2_2_0-b3
rel-2_2_0-b4
rel-2_2_0_beta1
rel-2_2_0_beta2
rel-2_2_0_beta3
rel-2_2_0_beta4
rel-2_2_1
rel-2_2_2
rel-2_3_1
rel-2_3_2
rel-2_4_0-b2
rel-2_4_0-b3
rel-2_4_0-b4
rel-2_4_0-b6
rel-2_4_0_beta2
rel-2_4_0_beta3
rel-2_4_0_beta4
rel-2_4_0_beta6
rel-2_4_1
rel-2_4_2
rel-2_4_3
rel-2_4_4
rel-3_0_0-b2
rel-3_0_0-b3
rel-3_0_0-b4
rel-3_0_0-b5
rel-3_0_0-b7
rel-3_0_0_beta2
rel-3_0_0_beta3
rel-3_0_0_beta4
rel-3_0_0_beta5
rel-3_0_0_beta7
rel-3_0_1
rel-3_0_2
rel-3_0_3
rel-3_0_4
rel-3_1_0-b1
rel-3_1_0-b3
rel-3_1_0-b4
rel-3_1_0-b5
rel-3_1_0-rc1
rel-3_1_0_beta1
rel-3_1_0_beta3
rel-3_1_0_beta4
rel-3_1_0_beta5
rel-3_1_0_rc1
rel-3_1_2
rel-3_1_4
rel-3_2_0_beta1
rel-3_2_0_beta2
rel-3_2_0_beta3
rel-3_2_0_beta4
rel-3_2_0_beta5
rel-3_2_0_rc1
rel-3_2_1
rel-3_2_2
rel-3_2_3
rel-3_2_4
rel-3_3_0_beta1
rel-3_3_0_beta2
rel-3_3_0_beta3
rel-3_3_0_beta4
rel-3_3_0_beta5
rel-3_3_0_rc1
rel-3_3_1
rel-4_0_0_beta1
rel-4_0_0_beta2
rel-4_0_0_beta3
rel-4_0_0_beta4
rel-4_0_0_beta5
rel-4_0_0_rc1
rel-4_0_1
rel-4_0_2
rel-4_0_3
rel-4_0_4
rel-4_0_5
rel-4_0_6
rel-4_0_7
rel-5_0_0_alpha1
rel-5_0_0_beta1
rel-5_0_0_beta2
rel-5_0_0_beta3
rel-5_0_0_beta4
rel-5_0_0_beta5
rel-5_0_0_rc1