漏洞关键信息 基本信息 漏洞ID: Bug 473844 (CVE-2013-4088) 状态: RESOLVED FIXED 产品: Gentoo Security 组件: Vulnerabilities 重要性: Normal trivial URL: https://secunia.com/advisories/53851/ 漏洞描述 A vulnerability has been reported in OTRS, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to the application not properly verifying permissions when accessing tickets via the ticket watch mechanism and can be exploited to disclose contents of otherwise inaccessible tickets. The vulnerability is reported in versions 3.2.x prior to 3.2.8, 3.1.x prior to 3.1.17, and 3.0.x prior to 3.0.21. 解决方案 Update to version 3.2.8, 3.1.17, or 3.0.21. 其他信息 报告人: Agostino Sarubbo 报告时间: 2013-06-19 15:46 UTC 修复完成: 2015-08-14 01:07:32 UTC