CVE-2020-1765 - OpenCVE

An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Otrs	Otrs
Opensuse	Leap Backports Sle

Configuration 1 [-]

OR	cpe:2.3:a:otrs:otrs:::::community:::*
	cpe:2.3:a:otrs:otrs:::::community:::*
	cpe:2.3:a:otrs:otrs::::::::

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:a:opensuse:backports_sle:15.0:-::::::
	cpe:2.3:a:opensuse:backports_sle:15.0:sp1::::::
	cpe:2.3:a:opensuse:backports_sle:15.0:sp2::::::
	cpe:2.3:o:opensuse:leap:15.1:::::::*
	cpe:2.3:o:opensuse:leap:15.2:::::::*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/01/msg00027.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
https://otrs.com/release-notes/otrs-security-advisory-2020-01/	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: OTRS

Published: 2020-01-10T00:00:00

Updated: 2023-08-31T02:06:14.280325

Reserved: 2019-11-29T00:00:00

Link: CVE-2020-1765

JSON object: View

NVD Information

Status : Modified

Published: 2020-01-10T15:15:11.723

Modified: 2023-08-31T03:15:10.583

Link: CVE-2020-1765

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-1765", "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "assignerShortName": "OTRS", "dateUpdated": "2023-08-31T02:06:14.280325", "dateReserved": "2019-11-29T00:00:00", "datePublished": "2020-01-10T00:00:00"}, "containers": {"cna": {"title": "Spoofing of From field in several screens", "datePublic": "2020-01-10T00:00:00", "providerMetadata": {"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "shortName": "OTRS", "dateUpdated": "2023-08-31T02:06:14.280325"}, "descriptions": [{"lang": "en", "value": "An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions."}], "affected": [{"vendor": "OTRS AG", "product": "((OTRS)) Community Edition", "versions": [{"version": "5.0.x version 5.0.39 and prior versions", "status": "affected"}, {"version": "6.0.x version 6.0.24 and prior versions", "status": "affected"}]}, {"vendor": "OTRS AG", "product": "OTRS", "versions": [{"version": "7.0.x version 7.0.13 and prior versions", "status": "affected"}]}], "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2020-01/"}, {"name": "[debian-lts-announce] 20200129 [SECURITY] [DLA 2079-1] otrs2 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00027.html"}, {"name": "openSUSE-SU-2020:0551", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"}, {"name": "openSUSE-SU-2020:1475", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"}, {"name": "openSUSE-SU-2020:1509", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"}, {"name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}], "credits": [{"lang": "en", "value": "Sebastian Renker, Jonas Becker"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-472 External Control of Assumed-Immutable Web Parameter", "cweId": "CWE-472"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"advisory": "OSA-2020-01", "defect": ["2019100942003876"], "discovery": "EXTERNAL"}, "solutions": [{"lang": "en", "value": "Upgrade to OTRS 7.0.14, ((OTRS)) Community Edition 6.0.25, ((OTRS)) Community Edition 5.0.40 "}, {"lang": "en", "value": "Patch for ((OTRS)) Community Edition 6: https://github.com/OTRS/otrs/commit/d146d4997cbd6e1370669784c6a2ec8d64655252 \nPatch for ((OTRS)) Community Edition 5: https://github.com/OTRS/otrs/commit/874889b86abea4c01ceb1368a836b66694fae1c3"}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "matchCriteriaId": "930593FF-E99D-46BB-AABD-9562CC94B8D3", "versionEndIncluding": "5.0.39", "versionStartIncluding": "5.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "matchCriteriaId": "69D1FDA1-32D6-4793-AB1D-ED9F0A17939F", "versionEndIncluding": "6.0.24", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "matchCriteriaId": "D86D6CD7-52CC-47B5-8075-462D4A3099FC", "versionEndIncluding": "7.0.13", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "matchCriteriaId": "D83DA865-E4A6-4FBF-AA1B-A969EBA6B2AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568", "vulnerable": true}, {"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "67E82302-4B77-44F3-97B1-24C18AC4A35D", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions."}, {"lang": "es", "value": "Un control inapropiado de los par\u00e1metros permite la suplantaci\u00f3n de los campos de las siguientes pantallas: AgentTicketCompose, AgentTicketForward, AgentTicketBounce y AgentTicketEmailOutbound. Este problema afecta a: ((OTRS)) Community Edition versiones 5.0.x versi\u00f3n 5.0.39 y anteriores; versiones 6.0.x versi\u00f3n 6.0.24 y anteriores. OTRS versiones 7.0.x versi\u00f3n 7.0.13 y anteriores."}], "id": "CVE-2020-1765", "lastModified": "2023-08-31T03:15:10.583", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "security@otrs.com", "type": "Secondary"}]}, "published": "2020-01-10T15:15:11.723", "references": [{"source": "security@otrs.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"}, {"source": "security@otrs.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"}, {"source": "security@otrs.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"}, {"source": "security@otrs.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00027.html"}, {"source": "security@otrs.com", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}, {"source": "security@otrs.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-01/"}], "sourceIdentifier": "security@otrs.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-472"}], "source": "security@otrs.com", "type": "Secondary"}]}