Vulnerability Details : CVE-2020-1772
It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
Products affected by CVE-2020-1772
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- Otrs » Otrs » Community EditionVersions from including (>=) 6.0.0 and up to, including, (<=) 6.0.26cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
- cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
- Otrs » Otrs » Community EditionVersions from including (>=) 5.0.0 and up to, including, (<=) 5.0.41cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
- cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
- cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-1772
0.59%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 67 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-1772
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST | |
|
6.5
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N |
2.2
|
4.2
|
OTRS AG |
CWE ids for CVE-2020-1772
-
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as wildcards or matching symbols when they are sent to a downstream component.Assigned by: security@otrs.com (Secondary)
References for CVE-2020-1772
-
https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html
[SECURITY] [DLA 2198-1] otrs2 security updateMailing List;Third Party Advisory
-
https://otrs.com/release-notes/otrs-security-advisory-2020-09/
OTRS Security Advisory 2020-09 | OTRSPatch;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
[security-announce] openSUSE-SU-2020:0551-1: moderate: Recommended updatMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
[security-announce] openSUSE-SU-2020:1475-1: moderate: Recommended updatMailing List;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
[SECURITY] [DLA 3551-1] otrs2 security update
-
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
[security-announce] openSUSE-SU-2020:1509-1: moderate: Recommended updatMailing List;Third Party Advisory
Jump to