Bug 1109822 - (CVE-2018-16586) VUL-1: CVE-2018-16586: otrs: Loading External Image or CSS Resources (OSA-2018-05)
(CVE-2018-16586)
VUL-1: CVE-2018-16586: otrs: Loading External Image or CSS Resources (OSA-201...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.0
Other Other
: P4 - Low : Minor (vote)
: ---
Assigned To: Christian Wittmer
Security Team bot
https://smash.suse.de/issue/215505/
CVSSv2:NVD:CVE-2018-11623:6.8:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-09-26 11:21 UTC by Andreas Stieger
Modified: 2018-10-04 18:19 UTC (History)
0 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Stieger 2018-09-26 11:21:45 UTC
https://community.otrs.com/security-advisory-2018-05-security-update-for-otrs-framework/

Severity: 3.7. low
Product: OTRS 6.0.x, OTRS 5.0.x, OTRS 4.0.x
Fixed in: OTRS 6.0.11, OTRS 5.0.30, OTRS 4.0.32
FULL CVSS v3 VECTOR: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:R
References: CVE-2018-16586
 
An attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to.

Affected by this vulnerability are all releases of OTRS 6.0.x up to and including 6.0.10, OTRS 5.0.x up to and including 5.0.29, and OTRS 4.0.x up to and including 4.0.31.

This vulnerability is fixed in the latest versions of OTRS, and it is recommended to upgrade to the latest patch level.

Fixed releases can be found at:

    https://www.otrs.com/category/release-and-security-notes-en/

Detailed information about the changes:

    OTRS 6: https://github.com/OTRS/otrs/commit/09e80c7752b0d9080688e4597c7495dd109e0963
    OTRS 5: https://github.com/OTRS/otrs/commit/a808859a75c59ae3b7568f5cc4708c53462aa4c7
    OTRS 4: https://github.com/OTRS/otrs/commit/baa92df09145b8ae2702a3a0e85d8ba55ec96302


References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16586
http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-16586.html
Comment 1 Christian Wittmer 2018-09-26 13:31:38 UTC
ongoing work ...
Comment 2 Swamp Workflow Management 2018-09-26 17:30:10 UTC
This is an autogenerated message for OBS integration:
This bug (1109822) was mentioned in
https://build.opensuse.org/request/show/638524 Factory / otrs
Comment 3 Swamp Workflow Management 2018-09-26 18:30:14 UTC
This is an autogenerated message for OBS integration:
This bug (1109822) was mentioned in
https://build.opensuse.org/request/show/638542 15.0+Backports:SLE-15 / otrs
Comment 4 Swamp Workflow Management 2018-10-04 16:25:58 UTC
openSUSE-SU-2018:3005-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1103800,1109822,1109823
CVE References: CVE-2018-14593,CVE-2018-16586,CVE-2018-16587
Sources used:
openSUSE Leap 15.0 (src):    otrs-4.0.32-lp150.2.3.1
openSUSE Backports SLE-15 (src):    otrs-4.0.32-bp150.3.3.1
Comment 5 Marcus Meissner 2018-10-04 18:19:42 UTC
released