diff --git a/lib/api/xmlrpc/v1/xmlrpc.class.php b/lib/api/xmlrpc/v1/xmlrpc.class.php
index 0136cd1d4b..ba5a5053e0 100644
--- a/lib/api/xmlrpc/v1/xmlrpc.class.php
+++ b/lib/api/xmlrpc/v1/xmlrpc.class.php
@@ -8109,7 +8109,15 @@ public function getIssueTrackerSystem($args, $call = null) {
 
         $extCall = is_null( $call );
         if($extCall) {
-            $this->authenticate();
+            $status_ok = $this->authenticate();
+            if(! $status_ok) {
+                return $this->errors;
+            }
+            if(! $this->userHasRight( "issuetracker_view", self::CHECK_PUBLIC_PRIVATE_ATTR )) {
+                $msg = sprintf( INSUFFICIENT_RIGHTS_STR );
+                $this->errors[] = new IXR_Error( INSUFFICIENT_RIGHTS, $msg_prefix . $msg );
+                return $this->errors;
+            }
         }
 
         $ret = null;