CVE-2019-18179

LOW Year: 2019
CVSS v3 Score
3.5
Low
CVSS v2 Score
4.0
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions.

Related Vulnerabilities

CVE-2016-3531

LOW
CVSS:3.5(Low)

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to PC ...

NVD-CWE-Other2016

CVE-2017-10014

LOW
CVSS:3.5(Low)

Vulnerability in the Oracle Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite8/RESTAPI). The supported version that is affected is 1.1. Easily exploitable vuln...

NVD-CWE-Other2017

CVE-2017-10308

LOW
CVSS:3.5(Low)

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Performance). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerab...

NVD-CWE-Other2017

CVE-2017-3235

LOW
CVSS:3.5(Low)

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2...

NVD-CWE-Other2017

CVE-2019-2547

LOW
CVSS:3.5(Low)

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged ...

NVD-CWE-Other2019

CVE-2019-2793

LOW
CVSS:3.5(Low)

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.1-12.0.3, 12.1....

NVD-CWE-Other2019