Medium severity6.5NVD Advisory· Published Feb 21, 2020· Updated Jun 16, 2026
CVE-2013-4088
CVE-2013-4088
Description
Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- OTRS/Open Ticket Request Systemdescription
- Range: 3.0.x < 3.0.21, 3.1.x < 3.1.17, 3.2.x < 3.2.8
- Range: 3.0.x < 3.0.21, 3.1.x < 3.1.17, 3.2.x < 3.2.8
Patches
Vulnerability mechanics
References
4- advisories.mageia.org/MGASA-2013-0196.htmlnvdThird Party Advisory
- bugs.gentoo.org/show_bug.cginvdIssue TrackingThird Party Advisory
- www.securityfocus.com/bid/60688/discussnvdThird Party AdvisoryVDB Entry
- archives.neohapsis.com/archives/bugtraq/2013-07/0015.htmlnvdBroken Link
News mentions
0No linked articles in our index yet.