CVE-2025-24389

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Jan 27, 2025

CWE ID 532

Summary

CVE-2025-24389 is a vulnerability affecting OTRS versions 7.0.X, 8.0.X, 2023.X, and 2024.X, as well as the OTRS Community Edition 6.0.x. This issue arises due to errors in upstream libraries, leading to the insertion of sensitive information in OTRS log mechanisms and administrator emails. The disclosure of such information could potentially result in security breaches. Products based on the OTRS Community Edition are also likely to be affected.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

OTRS

Affected Vendors

otrs)

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2qNFOU
https://www.cve.org/CVERecord?id=CVE-2025-24389
https://nvd.nist.gov/vuln/detail/CVE-2025-24389

Back to Vulnerability Database