Vulnerability CVE-2014-1694

Vulnerability Name:

CVE-2014-1694 (CCN-90862)

Assigned:

2014-01-28

Published:

2014-01-28

Updated:

2014-03-06

Summary:

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) CustomerPreferences.pm, (2) CustomerTicketMessage.pm, (3) CustomerTicketProcess.pm, and (4) CustomerTicketZoom.pm in Kernel/Modules/ in Open Ticket Request System (OTRS) 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allow remote attackers to hijack the authentication of arbitrary users for requests that (5) create tickets or (6) send follow-ups to existing tickets.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-352

Vulnerability Consequences:

Gain Access

References:

Source: CONFIRM
Type: UNKNOWN
http://bugs.otrs.org/show_bug.cgi?id=10099

Source: MITRE
Type: CNA
CVE-2014-1694

Source: OSVDB
Type: UNKNOWN
102632

Source: CCN
Type: SA56644
OTRS Help Desk Cross-Site Request Forgery and SQL Injection Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
56644

Source: CCN
Type: SA56655
OTRS Cross-Site Request Forgery and SQL Injection Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
56655

Source: DEBIAN
Type: UNKNOWN
DSA-2867

Source: MLIST
Type: UNKNOWN
[oss-security] 20140129 Re: CVE Request: otrs: CSRF issue in customer web interface

Source: MLIST
Type: UNKNOWN
[oss-security] 20140129 CVE Request: otrs: CSRF issue in customer web interface

Source: CCN
Type: BID-65217
OTRS Customer Web Interface Cross Site Request Forgery Vulnerability

Source: XF
Type: UNKNOWN
otrs-cve20411694-csrf(90862)

Source: CONFIRM
Type: Exploit, Patch
https://github.com/OTRS/otrs/commit/6f324aaf8647729d509eebf063a0181f9f9196f7

Source: CONFIRM
Type: Exploit, Patch
https://github.com/OTRS/otrs/commit/92f417277f43832f1a0462f2485fe1fd3fd52312

Source: CONFIRM
Type: Exploit, Patch
https://github.com/OTRS/otrs/commit/ca2c3390fd60d9a3f810ed2c22cbc2c193457b77

Source: CONFIRM
Type: UNKNOWN
https://www.otrs.com/release-notes-otrs-help-desk-3-3-4

Source: CONFIRM
Type: Patch, Vendor Advisory
https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface

Source: CCN
Type: OTRS Security Advisory 2014-01
CSRF issue in customer web interface

Vulnerable Configuration:

Configuration 1:

cpe:/a:otrs:otrs:3.2.0:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.0:beta1:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.0:beta2:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.0:beta3:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.0:beta4:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.0:beta5:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.0:rc1:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.1:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.2:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.3:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.4:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.5:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.6:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.7:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.8:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.9:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.2.10:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:otrs:otrs:3.1.0:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.1:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.2:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.3:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.4:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.5:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.6:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.7:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.8:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.9:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.10:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.11:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.13:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.14:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.15:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.16:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.17:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.1.18:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:otrs:otrs:3.3.0:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.3.0:beta1:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.3.0:beta2:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.3.0:beta3:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.3.0:beta4:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.3.0:beta5:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.3.0:rc1:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.3.1:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.3.2:*:*:*:*:*:*:*

OR cpe:/a:otrs:otrs:3.3.3:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:otrs:otrs_help_desk:3.3.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:23788	P	DSA-2867-1 otrs2 - several	2014-07-21
oval:com.ubuntu.precise:def:20141694000	V	CVE-2014-1694 on Ubuntu 12.04 LTS (precise) - medium.	2014-02-04
oval:com.ubuntu.xenial:def:201416940000000	V	CVE-2014-1694 on Ubuntu 16.04 LTS (xenial) - medium.	2014-02-04
oval:com.ubuntu.trusty:def:20141694000	V	CVE-2014-1694 on Ubuntu 14.04 LTS (trusty) - medium.	2014-02-04
oval:com.ubuntu.xenial:def:20141694000	V	CVE-2014-1694 on Ubuntu 16.04 LTS (xenial) - medium.	2014-02-04

BACK