CVE-2022-32739

Summary

When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number.

Affected Software

VendorProductVersion RangeStatus
OTRS AGOTRS7.0.x <= 7.0.34affected
OTRS AGOTRS8.0.x <= 8.0.22affected
OTRS AGOTRSCalendarResourcePlanning7.0.x <= 7.0.30affected
OTRS AGOTRSCalendarResourcePlanning8.0.x <= 8.0.20affected

Weaknesses

  • CWE-200: CWE-200 Information Exposure

ADP Enrichment

CVE Program Container

Additional References

References