Lucene search

[email protected]CVE-2020-1766

HistoryJan 10, 2020 - 3:15 p.m.

CVE-2020-1766

2020-01-1015:15:12

CWE-79

[email protected]

web.nvd.nist.gov

165

cve-2020-1766

nvd

otrs

security

image upload

svg

javascript

browser security

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.7

Confidence

High

EPSS

0.012

Percentile

85.5%

JSON

Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.

Affected configurations

NVD

Node

otrsotrsRange5.0.0–5.0.39community

otrsotrsRange6.0.0–6.0.24community

otrsotrsRange7.0.0–7.0.13

Node

debiandebian_linuxMatch8.0

VendorProductVersionCPE
otrsotrscpe:/a:otrs:otrs:::community:
otrsotrscpe:/a:otrs:otrs::::

Vendor	Product	Version	CPE
otrs	otrs		cpe:/a:otrs:otrs:::community:
otrs	otrs		cpe:/a:otrs:otrs::::

CNA Affected

[
  {
    "vendor": "OTRS AG",
    "product": "((OTRS)) Community Edition",
    "versions": [
      {
        "version": "5.0.x version 5.0.39 and prior versions",
        "status": "affected"
      },
      {
        "version": "6.0.x version 6.0.24 and prior versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "OTRS AG",
    "product": "OTRS",
    "versions": [
      {
        "version": "7.0.x version 7.0.13 and prior versions",
        "status": "affected"
      }
    ]
  }
]