Oval Definition:oval:org.opensuse.security:def:201816587
Revision Date:2021-10-24Version:1
Title:CVE-2018-16587
Description:

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-16587
Mitre CVE-2018-16587
SUSE CVE-2018-16587
openSUSE-SU-2018:3005-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Package Hub for SUSE Linux Enterprise 15
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • otrs-4.0.32-lp150.2.3 is installed
  • AND otrs is signed with openSUSE key
  • OR
  • otrs-doc-4.0.32-lp150.2.3 is installed
  • AND otrs-doc is signed with openSUSE key
  • OR
  • otrs-itsm-4.0.32-lp150.2.3 is installed
  • AND otrs-itsm is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND Package Information
  • otrs-4.0.32-bp150.3.3 is installed
  • OR otrs-doc-4.0.32-bp150.3.3 is installed
  • OR otrs-itsm-4.0.32-bp150.3.3 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND Package Information
  • otrs-4.0.32-bp150.3.3.1 is installed
  • OR otrs-doc-4.0.32-bp150.3.3.1 is installed
  • OR otrs-itsm-4.0.32-bp150.3.3.1 is installed
    • BACK