CVE-2014-9324 Information

Description

The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17 3.3.x before 3.3.11 and 4.0.x before 4.0.3 allows remote authenticated users to access and modify arbitrary tickets via unspecified vectors.

Reference

http://advisories.mageia.org/MGASA-2015-0031.html http://secunia.com/advisories/59875 http://secunia.com/advisories/62188 http://secunia.com/advisories/62662 http://www.mandriva.com/security/advisories?name=MDVSA-2015:043 https://www.otrs.com/security-advisory-2014-06-incomplete-access-control/