Lucene search
GoogleOSV:CVE-2020-1772HistoryMar 27, 2020 - 1:15 p.m.
CVE-2020-1772
2020-03-2713:15:15
Google
osv.dev
5
It’s possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
References
lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
lists.debian.org/debian-lts-announce/2020/05/msg00000.html
lists.debian.org/debian-lts-announce/2023/08/msg00040.html
otrs.com/release-notes/otrs-security-advisory-2020-09/
Related
cve
cve
CVE-2020-1772
2020-03-27 13:15:15
cvelist
cvelist
CVE-2020-1772 Information Disclosure
2020-03-27 00:00:00
ubuntucve
ubuntucve
CVE-2020-1772
2020-03-27 00:00:00
prion
prion
Code injection
2020-03-27 13:15:00
debiancve
debiancve
CVE-2020-1772
2020-03-27 13:15:15
nvd
nvd
CVE-2020-1772
2020-03-27 13:15:15
osv
osv
otrs2 - security update
2020-05-01 00:00:00
otrs2 - security update
2023-08-31 00:00:00
debian
debian
[SECURITY] [DLA 2198-1] otrs2 security update
2020-05-01 05:45:22
[SECURITY] [DLA 3551-1] otrs2 security update
2023-08-31 00:20:25
nessus
nessus
Debian DLA-2198-1 : otrs2 security update
2020-05-04 00:00:00
openSUSE Security Update : otrs (openSUSE-2020-551)
2020-04-28 00:00:00
openSUSE Security Update : otrs (openSUSE-2020-1475)
2020-09-23 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2198-1)
2020-05-02 00:00:00
OTRS 5.0.x < 5.0.42, 6.0.x < 6.0.27, 7.0.x < 7.0.16 Multiple Vulnerabilities
2020-03-30 00:00:00
openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:0551-1)
2020-04-26 00:00:00
suse
suse
Recommended update for otrs (moderate)
2020-09-20 00:00:00
Recommended update for otrs (moderate)
2020-09-23 00:00:00
Recommended update for otrs (moderate)
2020-04-25 00:00:00