PT-2020-15045 · Otrs · Otrs
Published
2020-02-07
·
Updated
2020-02-11
·
CVE-2020-1768
CVSS v2.0
5.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
OTRS versions 7.0.14 and prior versions.
Description
The issue arises from the external frontend system making numerous background calls to the backend, where each background request is treated as user activity. This prevents the SessionMaxIdleTime from being reached.
Recommendations
For OTRS versions 7.0.14 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Insufficient Session Expiration
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Otrs