- What is the OTRS CNA?
- OTRS is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 73 CVE records since 2020.
- How many CVEs has OTRS published?
- OTRS has published 73 CVE records, including 13 in the last two years.
- What is OTRS's CVE data quality grade?
- RadicalNotion.AI grades OTRS's CVE data quality as A, with an overall completeness score of 99.3%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (97.3%) information.
- What products does OTRS publish CVEs for?
- OTRS most frequently publishes CVEs for OTRS, ((OTRS)) Community Edition, debian linux, leap, backports sle.
- Which vendors does OTRS cover?
- OTRS publishes CVEs across 2 distinct vendors, most often OTRS, debian, openSUSE, Accessing template content without permissions.
- Is OTRS actively publishing CVEs?
- OTRS is currently active, based on 13 CVEs in the last two years.
- What is the average severity of OTRS's CVEs?
- The average CVSS base score across OTRS's scored CVEs is 5.0.
- How many critical CVEs has OTRS published?
- OTRS has published 4 critical-severity CVEs and 16 high-severity CVEs.
- Are any of OTRS's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of OTRS's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in OTRS's CVEs?
- OTRS's CVEs most often map to these CWE weakness types: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-20 (Improper Input Validation), CWE-532 (Insertion of Sensitive Information into Log File).
- How does OTRS rank among CNAs?
- By total CVE volume, OTRS ranks #140 of 370 CNAs, and it reports more complete CVE records than 55% of all CNAs.