CVE-2020-1770
27.03.2020, 13:15
Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.Enginsight
| Vendor | Product | Version |
|---|---|---|
| otrs | otrs | 5.0.0 ≤ 𝑥 ≤ 5.0.41 |
| otrs | otrs | 6.0.0 ≤ 𝑥 ≤ 6.0.26 |
| otrs | otrs | 7.0.0 ≤ 𝑥 ≤ 7.0.15 |
| opensuse | backports_sle | 15.0 |
| opensuse | backports_sle | 15.0:sp1 |
| opensuse | backports_sle | 15.0:sp2 |
| opensuse | leap | 15.1 |
| opensuse | leap | 15.2 |
| debian | debian_linux | 8.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Common Weakness Enumeration
- CWE-201 - Insertion of Sensitive Information Into Sent DataThe code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.
- CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorThe product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
References