Unrated severityNVD Advisory· Published Mar 22, 2021· Updated Sep 16, 2024
Config Items are shown to users without permission
CVE-2021-21437
Description
Agents are able to see linked Config Items without permissions, which are defined in General Catalog. This issue affects: OTRSCIsInCustomerFrontend 7.0.15 and prior versions, ITSMConfigurationManagement 7.0.24 and prior versions
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<=7.0.24+ 1 more
- (no CPE)range: <=7.0.24
- (no CPE)range: 7.0.x
<=7.0.15+ 1 more
- (no CPE)range: <=7.0.15
- (no CPE)range: 7.0.x
Patches
Vulnerability mechanics
References
1- otrs.com/release-notes/otrs-security-advisory-2021-07/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.