Otrs Security Vulnerabilities (CVEs)

Track 8 security vulnerabilities affecting Otrs products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

6 High

2 Medium

Sort by:

🔔 Get Alerts for Otrs

CVE-2025-24387 4.8

This vulnerability in OTRS Application Server allows session hijacking due to insecure cookie settings in HTTPS sessions. Attackers can steal authenti...

Mar 10, 2025

CVE-2024-23794 5.2

An incorrect privilege assignment vulnerability in OTRS allows agents with read-only permissions to gain full access to tickets in rare configurations...

Jul 15, 2024

CVE-2023-6254 8.1

This vulnerability in OTRS AgentInterface and ExternalInterface allows attackers to read plain text passwords that are inadvertently sent back to clie...

Nov 27, 2023

CVE-2023-5422 8.7

This vulnerability in OTRS and OTRS Community Edition allows attackers to intercept email communications by using invalid or expired SSL/TLS certifica...

Oct 16, 2023

CVE-2023-38056 7.2

This vulnerability allows authenticated OTRS administrators to execute arbitrary commands on the server through improper input sanitization in the Sys...

Jul 24, 2023

CVE-2023-2534 7.6

An improper authorization vulnerability in OTRS 8's Websocket API backend allows authenticated agents to track user behavior and gain live system insi...

May 8, 2023

CVE-2023-1250 7.4

This vulnerability allows local attackers to execute arbitrary code on OTRS systems by injecting malicious code into ACL module comments or names duri...

Mar 20, 2023

CVE-2013-4717 8.8

Multiple SQL injection vulnerabilities in OTRS Help Desk allow authenticated users to execute arbitrary SQL commands. This affects OTRS versions 3.0.x...

Aug 9, 2021

Why Monitor Otrs Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 8+ known vulnerabilities affecting Otrs products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Otrs packages in under 60 seconds. No agents required - completely agentless scanning that works across Otrs deployments.

Free vulnerability database: Access detailed information about every Otrs CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Otrs CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Otrs CVEs Free