What is the OTRS CNA?
OTRS is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 73 CVE records since 2020.
How many CVEs has OTRS published?
OTRS has published 73 CVE records, including 13 in the last two years.
What is OTRS's CVE data quality grade?
RadicalNotion.AI grades OTRS's CVE data quality as A, with an overall completeness score of 99.3%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (97.3%) information.
What products does OTRS publish CVEs for?
OTRS most frequently publishes CVEs for OTRS, ((OTRS)) Community Edition, debian linux, leap, backports sle.
Which vendors does OTRS cover?
OTRS publishes CVEs across 2 distinct vendors, most often OTRS AG, otrs, debian, opensuse, Accessing template content without permissions.
Is OTRS actively publishing CVEs?
OTRS is currently active, based on 13 CVEs in the last two years.
What is the average severity of OTRS's CVEs?
The average CVSS base score across OTRS's scored CVEs is 5.0.
How many critical CVEs has OTRS published?
OTRS has published 1 critical-severity CVEs and 10 high-severity CVEs.
Are any of OTRS's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of OTRS's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in OTRS's CVEs?
OTRS's CVEs most often map to these CWE weakness types: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-20 (Improper Input Validation), CWE-532 (Insertion of Sensitive Information into Log File).
How does OTRS rank among CNAs?
By total CVE volume, OTRS ranks #140 of 370 CNAs, and it reports more complete CVE records than 55% of all CNAs.
