Escanear grátis
LOWCVE-2022-0473CVSS 3.8

Dynamic field error message is vulnerable to XSS

traduzindo…

Plataforma

otrs

Componente

otrs

Corrigido em

7.0.32

AI Confidence: highNVDEPSS 0.4%Revisado: mai. de 2026
Ver no NVD
Salvar
Traduzindo para o seu idioma…

CVE-2022-0473 describes a cross-site scripting (XSS) vulnerability in OTRS versions 7.0.0 through 7.0.31. This vulnerability allows an attacker to inject malicious JavaScript code into the error message of a regular expression check within dynamic fields. Exploitation requires administrator privileges and can lead to code execution within the administrator's browser session. A patch is available to resolve this issue.

Impacto e Cenários de Ataquetraduzindo…

Successful exploitation of CVE-2022-0473 could allow an attacker to execute arbitrary JavaScript code in the context of an OTRS administrator's browser. This could lead to session hijacking, credential theft, or defacement of the OTRS interface. The attacker could potentially gain access to sensitive data stored within OTRS, including customer information, support tickets, and internal communications. While the CVSS score is LOW, the potential for administrator account compromise makes this a significant risk, particularly in environments where OTRS is used to manage critical business processes.

Contexto de Exploraçãotraduzindo…

CVE-2022-0473 was publicly disclosed on February 7, 2022. No public proof-of-concept (PoC) code has been widely reported. The vulnerability's LOW severity rating and lack of public exploits suggest a low probability of active exploitation at this time. It is not listed on the CISA KEV catalog.

Quem Está em Riscotraduzindo…

Organizations using OTRS for customer support or IT service management are at risk, particularly those relying on OTRS administrators with broad privileges. Environments with custom dynamic field configurations or legacy OTRS installations are especially vulnerable.

Passos de Detecçãotraduzindo…

• otrs: Examine OTRS dynamic field configurations for suspicious regular expressions or unusual characters.

# Example: Search for potentially malicious code in dynamic field definitions
grep -r 'alert\(' /opt/otrs/ -print0 | xargs -0 grep -i 'script'

• generic web: Monitor OTRS access logs for unusual requests containing JavaScript code in dynamic field parameters.

# Example: Search for JavaScript code in OTRS access logs
grep -i 'alert(' /var/log/apache2/access.log

Linha do Tempo do Ataque

  1. Disclosure

    disclosure

Inteligência de Ameaças

Status do Exploit

Prova de ConceitoDesconhecido
CISA KEVNO
Exposição na InternetAlta

EPSS

0.36% (percentil 58%)

Vetor CVSS

INTELIGÊNCIA DE AMEAÇAS· CVSS 3.1CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N3.8LOWAttack VectorNetworkComo o atacante alcança o alvoAttack ComplexityLowCondições necessárias para explorarPrivileges RequiredHighNível de autenticação necessárioUser InteractionNoneSe a vítima precisa tomar uma açãoScopeUnchangedImpacto além do componente afetadoConfidentialityLowRisco de exposição de dados sensíveisIntegrityLowRisco de modificação não autorizada de dadosAvailabilityNoneRisco de interrupção de serviçonextguardhq.com · Pontuação Base CVSS v3.1
O que significam essas métricas?
Attack Vector
Rede — explorável remotamente pela internet. Sem acesso físico ou local necessário.
Attack Complexity
Baixa — sem condições especiais. O atacante pode explorar de forma confiável.
Privileges Required
Alto — conta de administrador ou privilegiada necessária.
User Interaction
Nenhuma — ataque automático e silencioso. A vítima não faz nada.
Scope
Inalterado — impacto limitado ao componente vulnerável.
Confidentiality
Baixo — acesso parcial ou indireto a alguns dados.
Integrity
Baixo — o atacante pode modificar alguns dados com alcance limitado.
Availability
Nenhum — sem impacto na disponibilidade.

Software Afetado

Componenteotrs
FornecedorOTRS AG
Faixa afetadaCorrigido em
7.0.x – 7.0.317.0.32

Classificação de Fraqueza (CWE)

CWE-79

Linha do tempo

  1. Reservado
  2. Publicada
  3. Modificada
  4. EPSS atualizado
Sem correção — 1567 dias desde a divulgação

Mitigação e Soluções Alternativastraduzindo…

The primary mitigation for CVE-2022-0473 is to upgrade to a patched version of OTRS. Consult the official OTRS advisory for the specific version containing the fix. As a temporary workaround, administrators should carefully review and validate all dynamic field configurations, paying close attention to regular expression checks. Implement strict input validation and sanitization on all user-supplied data used in dynamic fields. Consider using a Web Application Firewall (WAF) with XSS filtering rules to block malicious payloads.

Como corrigirtraduzindo…

Actualice OTRS a una versión posterior a la 7.0.31. Esto solucionará la vulnerabilidad XSS en los mensajes de error de los campos dinámicos.

Boletim de Segurança CVE

Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.

Perguntas frequentestraduzindo…

What is CVE-2022-0473 — XSS in OTRS?

CVE-2022-0473 is a cross-site scripting (XSS) vulnerability in OTRS versions 7.0.0–7.0.31 that allows attackers to inject malicious JavaScript code.

Am I affected by CVE-2022-0473 in OTRS?

You are affected if you are running OTRS versions 7.0.0 through 7.0.31 and have not upgraded to a patched version.

How do I fix CVE-2022-0473 in OTRS?

Upgrade to a patched version of OTRS. Consult the official OTRS advisory for the specific version containing the fix.

Is CVE-2022-0473 being actively exploited?

There are no widespread reports of active exploitation, but the vulnerability remains a potential risk.

Where can I find the official OTRS advisory for CVE-2022-0473?

Refer to the official OTRS security advisory for details: [https://otrs.com/security-advisories/otrs-security-advisory-2022-0473/](https://otrs.com/security-advisories/otrs-security-advisory-2022-0473/)

Seu projeto está afetado?

Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.

Escanear grátisBuscar CVEs