Security Advisories Dear reader,
The following security fix/es was/were made: OTRS Security Advisory 2021-10 ID: OSA-2021-10 Date: 2021-07-26 Title: Support Bundle includes S/Mime and PGP keys Severity: 5.2 MEDIUM Product: OTRS 8.0.x, OTRS 7.0.x Fixed in: OTRS 8.0.15, OTRS 7.0.28 FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N References: CVE-2021-21440 OTRS Security Advisory 2021-12 ID: OSA-2021-12 Date: 2021-07-26 Title: XSS vulnerability in Time Accounting Severity: 4.5. MEDIUM Product: TimeAccounting 7.0.x Fixed in: TimeAccounting 7.0.20 FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N References: CVE-2021-21442 OTRS Security Advisory 2021-13 ID: OSA-2021-13 Date: 2021-07-26 Title: Unautorized listing of the customer user emails Severity: 3.5 LOW Product: OTRS 7.0.x, OTRS 6.0.x, Fixed in: OTRS 7.0.28 FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N References: CVE-2021-21443 OTRS Security Advisory 2021-14 ID: OSA-2021-14 Date: 2021-07-26 Title: Unautorized access to the calendar appointments Severity: 3.5 LOW Product: OTRS 7.0.x, OTRS 6.0.x Fixed in: OTRS 7.0.28 FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N References: CVE-2021-36091 OTRS Security Advisory 2021-15 ID: OSA-2021-15 Date: 2021-07-26 Title: XSS attack using special link in email Severity: 6.5 MEDIUM Product: OTRS 8.0.x, OTRS 7.0.x, OTRS 6.0.x Fixed in: OTRS 8.0.15, OTRS 7.0.28 FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N References: CVE-2021-36092 To read the entire Security Advisory/Advisories, please follow this link: https://otrs.com/overview-release-notes-security-advisories/security-advisories/ <https://pg183.keap-link003.com/api/v1/click/6002577902010368/4881481112092672> Kind regards, Your OTRS release team <https://pg183.keap-link005.com/api/v1/click/5673301784788992/4881481112092672> Subscribe to the OTRS Newsletter. Read about OTRS service management solutions, product features, and interesting tips from our experts every month. Simply select your desired language. German <https://pg183.keap-link005.com/api/v1/click/5647167009456128/4881481112092672> English <https://pg183.keap-link005.com/api/v1/click/5153833979609088/4881481112092672> Spanish <https://pg183.keap-link005.com/api/v1/click/6690562406481920/4881481112092672> Portuguese <https://pg183.keap-link005.com/api/v1/click/6302750750408704/4881481112092672> <https://www.facebook.com/OTRSGroup/> <https://twitter.com/otrsgroup> <https://www.linkedin.com/company/154779> <https://www.youtube.com/channel/UCHdOAyuwwkkk5ko_vy0X8_g> <https://www.instagram.com/otrs_group/> Visit www.otrs.com <https://pg183.keap-link005.com/api/v1/click/5125768113160192/4881481112092672> or contact us. <https://pg183.keap-link005.com/api/v1/click/6349859293888512/4881481112092672> OTRS AG Zimmersmühlenweg 11 61440 Oberursel Germany +49 6172 681988 0
smime.p7s
Description: S/MIME cryptographic signature
-- _______________________________________________ announce mailing list -- [email protected] To unsubscribe send an email to [email protected] To manage your subscription or browse the message archive visit: https://lists.otrs.org/postorius/lists/announce.lists.otrs.org/
