admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added CVE-2020-1777 - OSA-2020-15 / 2020-10-12

Browse Source
This commit is contained in:
jensoliver 2020-10-12 10:21:13 +02:00
parent 64017a4082
commit c43c1fe934
1 changed files with 97 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

103
2020/1xxx/CVE-2020-1777.json
View File

@ -1,18 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@otrs.com",
"DATE_PUBLIC": "2020-10-12T00:00:00.000Z",
"ID": "CVE-2020-1777",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Agent names disclosed in chat feature"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OTRS",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "7.0.x",
"version_value": "7.0.21"
},
{
"version_affected": "<=",
"version_name": "8.0.x",
"version_value": "8.0.6"
}
]
}
}
]
},
"vendor_name": "OTRS AG"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "László Gyaraki "
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Agent names that participates in a chat conversation are revealed in certain parts of the external interface as well as in chat transcriptions inside the tickets, when system is configured to mask real agent names. \n\nThis issue affects\nOTRS;\n7.0.21 and prior versions,\n8.0.6 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://otrs.com/release-notes/otrs-security-advisory-2020-15/",
"refsource": "CONFIRM",
"url": "https://otrs.com/release-notes/otrs-security-advisory-2020-15/"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Upgrade to OTRS 7.0.22, OTRS 8.0.7"
}
],
"source": {
"advisory": "OSA-2020-15",
"defect": [
"2020052942000321"
],
"discovery": "INTERNAL"
}
}