How severe is CVE-2024-43444?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.2 out of 10.

What type of vulnerability is CVE-2024-43444?

This is classified as CWE-532, which is a common weakness in software security.

CVE-2024-43444 - HIGH Severity | CVSS 8.2

Vulnerability Description

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: * OTRS from 7.0.X through 7.0.50 * OTRS 8.0.X * OTRS 2023.X * OTRS from 2024.X through 2024.5.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected

Related Vulnerabilities

CVE-2020-10712

HIGH

CVSS:8.2(High)

A flaw was found in OpenShift Container Platform version 4.1 and later. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those lo...

CWE-5322020

CVE-2025-31479

HIGH

CVSS:8.2(High)

canonical/get-workflow-version-action is a GitHub composite action to get commit SHA that GitHub Actions reusable workflow was called with. Prior to 1.0.1, if the get-workflow-version-action step fail...

CWE-5322025

CVE-2018-19786

HIGH

CVSS:8.1(High)

HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being repo...

CWE-5322018

CVE-2018-3827

HIGH

CVSS:8.1(High)

A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. When the repository-azure plugin is set to log at TRACE level Azure creden...

CWE-5322018

CVE-2019-11336

HIGH

CVSS:8.1(High)

Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backd...

CWE-5322019

CVE-2021-45103

HIGH

CVSS:8.1(High)

An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can access files stored in S3 cloud storage that a user has asked HTCondor to transfer.

CWE-5322021