HTTP: OTRS Information Disclosure
This signature detects attempts to exploit a known vulnerability against OTRS. A successful attack can lead to Information Disclosure.
Extended Description
In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access. Afterward, all system settings can be read and changed. The URLs in question contain index.pl?Action=Installer with ;Subaction=Intro or ;Subaction=Start or ;Subaction=System appended at the end.
Affected Products
Otrs otrs
References
CVE: CVE-2017-9324
Short Name
HTTP:INFO-LEAK:OTRS-INSTALL
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-9324 Disclosure Information OTRS
Release Date
03/28/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Otrs
Debian
CVSS Score
6.5