• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

OTRS SOAP Interface Security Bypass Vulnerability

OTRS is prone to a security-bypass vulnerability because it fails to properly validate user credentials before performing certain actions.

Successful exploits will allow attackers to bypass certain security restrictions and to read and modify objects through the OTRS SOAP interface.

This issue affects these versions:

OTRS 2.1.x prior to 2.1.8
OTRS 2.2.x prior to 2.2.6