Design/Logic Flaw

2022-06-1308:15:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.5%

JSON

When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number.

CPENameOperatorVersion
calendar_resource_planningge8.0.0
calendar_resource_planninglt8.0.23
calendar_resource_planningge7.0.0
calendar_resource_planninglt7.0.31
otrsge8.0.0
otrslt8.0.23
otrsge7.0.0
otrslt7.0.35

Name	Operator	Version
calendar_resource_planning	ge	8.0.0
calendar_resource_planning	lt	8.0.23
calendar_resource_planning	ge	7.0.0
calendar_resource_planning	lt	7.0.31
otrs	ge	8.0.0
otrs	lt	8.0.23
otrs	ge	7.0.0
otrs	lt	7.0.35

References

otrs.com/release-notes/otrs-security-advisory-2022-07/