CVE-2024-6540 - Vulnerability Details - OpenCVE

Description

Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.
This issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x

Published: 2024-07-15

Score: 5.7 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

OTRS AG

OTRS

unaffected

Version	Status	Constraints
`8.0.x`	affected	—
`2023.x`	affected	—
`2024.x`	affected	≤ 2024.4.x

Configuration 1 [-]

cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Solution

Update to OTRS 2024.5.2

Vendor Workaround

Have TicketSearchLegacyEngine enabled

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-47615	Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator. This issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00445.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://otrs.com/release-notes/otrs-security-advisory-2024-07/

History

No history.

Subscriptions

Otrs Otrs

MITRE

Status: PUBLISHED

Assigner: OTRS

Published: 2024-07-15T07:13:49.918Z

Updated: 2024-08-01T21:41:03.955Z

Reserved: 2024-07-08T07:35:49.064Z

Link: CVE-2024-6540

Vulnrichment

Updated: 2024-08-01T21:41:03.955Z

NVD

Status : Modified

Published: 2024-07-15T08:15:02.743

Modified: 2024-11-21T09:49:50.857

Link: CVE-2024-6540

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6540", "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "state": "PUBLISHED", "assignerShortName": "OTRS", "dateReserved": "2024-07-08T07:35:49.064Z", "datePublished": "2024-07-15T07:13:49.918Z", "dateUpdated": "2024-08-01T21:41:03.955Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["External interface"], "product": "OTRS", "vendor": "OTRS AG", "versions": [{"status": "affected", "version": "8.0.x"}, {"status": "affected", "version": "2023.x"}, {"lessThanOrEqual": "2024.4.x", "status": "affected", "version": "2024.x", "versionType": "Patch"}]}], "datePublic": "2024-07-15T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.<br><p>This issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x</p>"}], "value": "Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.\nThis issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x\n\n"}], "impacts": [{"capecId": "CAPEC-54", "descriptions": [{"lang": "en", "value": "CAPEC-54 Query System for Information"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-790", "description": "CWE-790 Improper Filtering of Special Elements", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "shortName": "OTRS", "dateUpdated": "2024-07-15T10:41:47.335Z"}, "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update to OTRS 2024.5.2<br>"}], "value": "Update to OTRS 2024.5.2\n"}], "source": {"advisory": "OSA-2024-07", "defect": ["Issue##2638", "Ticket#2024070142001245"], "discovery": "USER"}, "title": "Information exlosure in external interface", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Have TicketSearchLegacyEngine enabled<br>"}], "value": "Have TicketSearchLegacyEngine enabled\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-15T13:10:12.804749Z", "id": "CVE-2024-6540", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-15T13:10:28.205Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:41:03.955Z"}, "title": "CVE Program Container", "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:41:03.955Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6540", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-15T13:10:12.804749Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-15T13:10:19.780Z"}}], "cna": {"title": "Information exlosure in external interface", "source": {"defect": ["Issue##2638", "Ticket#2024070142001245"], "advisory": "OSA-2024-07", "discovery": "USER"}, "impacts": [{"capecId": "CAPEC-54", "descriptions": [{"lang": "en", "value": "CAPEC-54 Query System for Information"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "OTRS AG", "modules": ["External interface"], "product": "OTRS", "versions": [{"status": "affected", "version": "8.0.x"}, {"status": "affected", "version": "2023.x"}, {"status": "affected", "version": "2024.x", "versionType": "Patch", "lessThanOrEqual": "2024.4.x"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update to OTRS 2024.5.2\n", "supportingMedia": [{"type": "text/html", "value": "Update to OTRS 2024.5.2<br>", "base64": false}]}], "datePublic": "2024-07-15T07:00:00.000Z", "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/"}], "workarounds": [{"lang": "en", "value": "Have TicketSearchLegacyEngine enabled\n", "supportingMedia": [{"type": "text/html", "value": "Have TicketSearchLegacyEngine enabled<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.\nThis issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x\n\n", "supportingMedia": [{"type": "text/html", "value": "Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.<br><p>This issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-790", "description": "CWE-790 Improper Filtering of Special Elements"}]}], "providerMetadata": {"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "shortName": "OTRS", "dateUpdated": "2024-07-15T10:41:47.335Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6540", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:41:03.955Z", "dateReserved": "2024-07-08T07:35:49.064Z", "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "datePublished": "2024-07-15T07:13:49.918Z", "assignerShortName": "OTRS"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "matchCriteriaId": "9E122DB1-85DB-4430-A8C2-1B599364FD1F", "versionEndExcluding": "2024.5.2", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.\nThis issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x\n\n"}, {"lang": "es", "value": "Un filtrado inadecuado de los campos al utilizar la funci\u00f3n de exportaci\u00f3n en la descripci\u00f3n general de tickets de la interfaz externa en OTRS podr\u00eda permitir a un usuario autorizado descargar una lista de tickets que contiene informaci\u00f3n sobre tickets de otros clientes. El problema solo ocurre si el administrador ha desactivado TicketSearchLegacyEngine. Este problema afecta a OTRS: 8.0.X, 2023.X, desde 2024.X hasta 2024.4.x"}], "id": "CVE-2024-6540", "lastModified": "2024-11-21T09:49:50.857", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 3.6, "source": "security@otrs.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-15T08:15:02.743", "references": [{"source": "security@otrs.com", "tags": ["Vendor Advisory"], "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/"}], "sourceIdentifier": "security@otrs.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-790"}], "source": "security@otrs.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}