CVE-2021-21436
Agent is able to link customer's Config Items without permission
Agents are able to see and link Config Items without permissions, which are defined in General Catalog. This issue affects: OTRS AG OTRSCIsInCustomerFrontend 7.0.x version 7.0.14 and prior versions.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Affected products
OTRS AG · OTRSCIsInCustomerFrontendWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →