A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems.
This vulnerability takes advantage of a hole in agent statistics module and has been classified with a “high” risk.
To guarantee the security of your system, we recommend applying last released patches.
For EriZone 5.2:
Via Admin >> Package Manager
Click on “Update repository information” and upgrade the packages strictly in the following sequence:
EriZoneCore
EriZoneServiceDeskEnhancement
EriZoneTheme
For EriZone 3.6:
Via Admin >> Package Manager
Click on “Update repository information” and upgrade package:
EriZoneCore
For both systems, after previous procedure use a console to launch following commands:
Synopsis Important: Icinga2 security update Type/Severity Security Advisory: Critical Topic An update for the package icinga2 is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of Critical. Common Vulnerability Scoring System Read More
Synopsis Important: GLPI security update Type/Severity Security Advisory: Critical Topic An update for the package glpi is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of Critical. Common Vulnerability Scoring System Read More
Synopsis Important: GLPI security update Type/Severity Security Advisory: High Topic An update for the package glpi is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System Read More
Type/Severity Security Advisory: High Topic There is a security update for GLPI Agent Description This version specifically fixes 2 critical security issues related to MSI packaging on Windows: CVE-2024-28240: A local user could modify the GLPI Agent configuration to gain Read More
Synopsis Important: GLPI security update Type/Severity Security Advisory: Important Topic An update for the package glpi is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of Important. Common Vulnerability Scoring System Read More