Описание
Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
4.9 Medium
CVSS3
7.5 High
CVSS3
Дефекты
Связанные уязвимости
Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
Уязвимость системы обработки заявок OTRS, связанная с незащищенной функцией вставки отладочной информации в файл журнала во время построения индекса Elasticsearch, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
4.9 Medium
CVSS3
7.5 High
CVSS3