Lucene search
+L

6 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.3 views

SUSE CVE-2020-1774

When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects OTRS Community Edition: 5.0.42 and prior versions, 6.0.27 and prio...

4.9CVSS5AI score0.00912EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/05/04 12:0 a.m.31 views

Debian DLA-2198-1 : otrs2 security update

Several vulnerabilities have been discovered in otrs2 Open source Ticket Request System CVE-2020-1770 Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. CVE-2020-1772 Its possible to craft Lost Password requests with wildcards in the Token...

7.5CVSS5.7AI score0.01622EPSS
Exploits0References5
Debian
Debian
added 2020/05/01 5:45 a.m.138 views

[SECURITY] [DLA 2198-1] otrs2 security update

Package : otrs2 Version : 3.3.18-1+deb8u15 CVE ID : CVE-2020-1770 CVE-2020-1772 CVE-2020-1774 Several vulnerabilities have been discovered in otrs2 Open source Ticket Request System CVE-2020-1770 Support bundle generated files could contain sensitive information that might be unwanted to be...

7.5CVSS6.8AI score0.01622EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/04/30 12:0 a.m.62 views

OTRS 5.0.x < 6.0.28, 7.0.x < 7.0.17 Information Disclosure Vulnerability (OSA-2020-11)

OTRS is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if...

4.9CVSS3.8AI score0.00912EPSS
Exploits0References1
CVE
CVE
added 2020/04/28 1:54 p.m.99 views

CVE-2020-1774

CVE-2020-1774 affects the Open-Source Ticket Request System (OTRS) versions: Community Edition 5.0.42 and earlier, 6.0.27 and earlier, and OTRS 7.0.16 and earlier. The issue arises when downloading PGP or S/MIME keys/certificates: the exported files share the same name for private and public keys...

4.9CVSS5.6AI score0.00912EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2020/04/28 1:54 p.m.28 views

CVE-2020-1774

When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects OTRS Community Edition: 5.0.42 and prior versions, 6.0.27 and prio...

4.9CVSS5.1AI score0.00912EPSS
Exploits0
Rows per page
Query Builder