VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 18, 2011· Updated Apr 29, 2026

CVE-2010-4761

CVE-2010-4761

Description

The customer-interface ticket-print dialog in Open Ticket Request System (OTRS) before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the (1) responsible, (2) owner, (3) accounted time, (4) pending until, and (5) lock fields by reading this dialog.

Affected products

102
  • OTRS/Otrs101 versions
    cpe:2.3:a:otrs:otrs:0.5:beta1:*:*:*:*:*:*+ 100 more
    • cpe:2.3:a:otrs:otrs:0.5:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta5:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta6:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta7:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta8:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta6:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.0:beta6:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.10:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.8:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.9:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:3.0.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:*:beta2:*:*:*:*:*:*range: <=3.0.0
    • (no CPE)range: < 3.0.0-beta3
  • OTRS/Open Ticket Request System (OTRS)llm-fuzzy
    Range: < 3.0.0-beta3

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.