Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2014-1694
PUBLISHED
More InfoOfficial Page
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
View Known Exploited Vulnerability (KEV) details
Published At-04 Feb, 2014 | 16:00
Updated At-06 Aug, 2024 | 09:50
Rejected At-
▼CVE Numbering Authority (CNA)

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) CustomerPreferences.pm, (2) CustomerTicketMessage.pm, (3) CustomerTicketProcess.pm, and (4) CustomerTicketZoom.pm in Kernel/Modules/ in Open Ticket Request System (OTRS) 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allow remote attackers to hijack the authentication of arbitrary users for requests that (5) create tickets or (6) send follow-ups to existing tickets.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://osvdb.org/102632
vdb-entry
x_refsource_OSVDB
https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface
x_refsource_CONFIRM
https://github.com/OTRS/otrs/commit/6f324aaf8647729d509eebf063a0181f9f9196f7
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2014/01/29/15
mailing-list
x_refsource_MLIST
https://www.otrs.com/release-notes-otrs-help-desk-3-3-4
x_refsource_CONFIRM
https://github.com/OTRS/otrs/commit/92f417277f43832f1a0462f2485fe1fd3fd52312
x_refsource_CONFIRM
http://secunia.com/advisories/56655
third-party-advisory
x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2014/01/29/7
mailing-list
x_refsource_MLIST
https://github.com/OTRS/otrs/commit/ca2c3390fd60d9a3f810ed2c22cbc2c193457b77
x_refsource_CONFIRM
http://secunia.com/advisories/56644
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2014/dsa-2867
vendor-advisory
x_refsource_DEBIAN
http://bugs.otrs.org/show_bug.cgi?id=10099
x_refsource_CONFIRM
Hyperlink: http://osvdb.org/102632
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/OTRS/otrs/commit/6f324aaf8647729d509eebf063a0181f9f9196f7
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.openwall.com/lists/oss-security/2014/01/29/15
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://www.otrs.com/release-notes-otrs-help-desk-3-3-4
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/OTRS/otrs/commit/92f417277f43832f1a0462f2485fe1fd3fd52312
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/56655
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.openwall.com/lists/oss-security/2014/01/29/7
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://github.com/OTRS/otrs/commit/ca2c3390fd60d9a3f810ed2c22cbc2c193457b77
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/56644
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2014/dsa-2867
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://bugs.otrs.org/show_bug.cgi?id=10099
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://osvdb.org/102632
vdb-entry
x_refsource_OSVDB
x_transferred
https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface
x_refsource_CONFIRM
x_transferred
https://github.com/OTRS/otrs/commit/6f324aaf8647729d509eebf063a0181f9f9196f7
x_refsource_CONFIRM
x_transferred
http://www.openwall.com/lists/oss-security/2014/01/29/15
mailing-list
x_refsource_MLIST
x_transferred
https://www.otrs.com/release-notes-otrs-help-desk-3-3-4
x_refsource_CONFIRM
x_transferred
https://github.com/OTRS/otrs/commit/92f417277f43832f1a0462f2485fe1fd3fd52312
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/56655
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.openwall.com/lists/oss-security/2014/01/29/7
mailing-list
x_refsource_MLIST
x_transferred
https://github.com/OTRS/otrs/commit/ca2c3390fd60d9a3f810ed2c22cbc2c193457b77
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/56644
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2014/dsa-2867
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://bugs.otrs.org/show_bug.cgi?id=10099
x_refsource_CONFIRM
x_transferred
Hyperlink: http://osvdb.org/102632
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/OTRS/otrs/commit/6f324aaf8647729d509eebf063a0181f9f9196f7
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2014/01/29/15
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://www.otrs.com/release-notes-otrs-help-desk-3-3-4
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/OTRS/otrs/commit/92f417277f43832f1a0462f2485fe1fd3fd52312
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/56655
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2014/01/29/7
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://github.com/OTRS/otrs/commit/ca2c3390fd60d9a3f810ed2c22cbc2c193457b77
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/56644
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2014/dsa-2867
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://bugs.otrs.org/show_bug.cgi?id=10099
Resource:
x_refsource_CONFIRM
x_transferred
Details not found