MGASA-2015-0031

Source
https://advisories.mageia.org/MGASA-2015-0031.html
Import Source
https://advisories.mageia.org/MGASA-2015-0031.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2015-0031
Related
Published
2015-01-20T14:57:33Z
Modified
2015-01-20T14:49:20Z
Summary
Updated otrs package fixes CVE-2014-9324
Details

Updated otrs package fixes security vulnerability:

An attacker with valid OTRS credentials could access and manipulate ticket data of other users via the GenericInterface, if a ticket webservice is configured and not additionally secured (CVE-2014-9324).

References
Credits

Affected packages

Mageia:4 / otrs

Package

Name
otrs
Purl
pkg:rpm/mageia/otrs?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.2.17-1.mga4

Ecosystem specific

{
    "section": "core"
}