CVE-2020-1770
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD
Description
Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
Affected (9)
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 15.0 | |
| Version 15.1 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 8.0 |
Related CWEs
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE-201
Insertion of Sensitive Information Into Sent Data
The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.
References (12)
Source: security@otrs.com
Mailing ListThird Party Advisory
Source: security@otrs.com
Mailing ListThird Party Advisory
Source: security@otrs.com
Mailing ListThird Party Advisory
Source: security@otrs.com
Mailing ListThird Party Advisory
Source: security@otrs.com
Source: security@otrs.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.