CVE-2020-1774 - Vulnerability Details - OpenCVE

ReportizFlow

When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects ((OTRS)) Community Edition: 5.0.42 and prior versions, 6.0.27 and prior versions. OTRS: 7.0.16 and prior versions.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Otrs	Otrs

Configuration 1 [-]

OR	cpe:2.3:a:otrs:otrs:::::community:::*
	cpe:2.3:a:otrs:otrs:::::community:::*
	cpe:2.3:a:otrs:otrs::::::::

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
https://otrs.com/release-notes/otrs-security-advisory-2020-11/

History

Mon, 16 Sep 2024 18:30:00 +0000

Type	Values Removed	Values Added
Title	Information disclosure	Information disclosure

MITRE

Status: PUBLISHED

Assigner: OTRS

Published: 2020-04-28T13:54:26.180850Z

Updated: 2024-09-16T18:13:37.691Z

Reserved: 2019-11-29T00:00:00

Link: CVE-2020-1774

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-04-28T14:15:14.283

Modified: 2024-11-21T05:11:21.797

Link: CVE-2020-1774

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-1774", "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "assignerShortName": "OTRS", "dateUpdated": "2024-09-16T18:13:37.691Z", "dateReserved": "2019-11-29T00:00:00", "datePublished": "2020-04-28T13:54:26.180850Z"}, "containers": {"cna": {"title": "Information disclosure", "datePublic": "2020-04-27T00:00:00", "providerMetadata": {"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "shortName": "OTRS", "dateUpdated": "2023-08-31T02:07:06.193689"}, "descriptions": [{"lang": "en", "value": "When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects ((OTRS)) Community Edition: 5.0.42 and prior versions, 6.0.27 and prior versions. OTRS: 7.0.16 and prior versions."}], "affected": [{"vendor": "OTRS AG", "product": "((OTRS)) Community Edition", "versions": [{"version": "6.0.x <= 6.0.27", "status": "affected"}, {"version": "5.0.x <= 5.0.42", "status": "affected"}]}, {"vendor": "OTRS AG", "product": "OTRS", "versions": [{"version": "7.0.x <= 7.0.16", "status": "affected"}]}], "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2020-11/"}, {"name": "[debian-lts-announce] 20200501 [SECURITY] [DLA 2198-1] otrs2 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html"}, {"name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}], "credits": [{"lang": "en", "value": "Matthias Terlinde"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.5, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-201 Information Exposure Through Sent Data", "cweId": "CWE-201"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"advisory": "OSA-2020-11", "defect": ["2020021442001602"], "discovery": "USER"}, "solutions": [{"lang": "en", "value": "Upgrade to OTRS 7.0.17, ((OTRS)) Community Edition 6.0.28\nPatch for ((OTRS)) Community Edition 6: https://github.com/OTRS/otrs/commit/ff725cbea77f03fa296bb13f93f5b07086920342\nPatch for ((OTRS)) Community Edition 5: https://github.com/OTRS/otrs/commit/fb0e6131e79aa2ba9c7acbd16f4ee4e73289f64b"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:46:30.951Z"}, "title": "CVE Program Container", "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2020-11/", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20200501 [SECURITY] [DLA 2198-1] otrs2 security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html"}, {"name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "matchCriteriaId": "06492F1B-5810-429D-BB78-8706F9E74AEE", "versionEndIncluding": "5.0.42", "versionStartIncluding": "5.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "matchCriteriaId": "03EA383C-3BB5-46CF-AEBE-C2B3B92446A6", "versionEndIncluding": "6.0.27", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "matchCriteriaId": "59B100A3-DB5D-466B-BFA3-094EB95A0E4E", "versionEndIncluding": "7.0.16", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects ((OTRS)) Community Edition: 5.0.42 and prior versions, 6.0.27 and prior versions. OTRS: 7.0.16 and prior versions."}, {"lang": "es", "value": "Cuando el usuario descarga claves y certificados de PGP o S/MIME, el archivo exportado presenta el mismo nombre para las claves privadas y p\u00fablicas. Por lo tanto, es posible mezclarlos y enviar la clave privada a un tercero en lugar de la clave p\u00fablica. Este problema afecta a ((OTRS)) Community Edition: versiones 5.0.42 y anteriores, versiones 6.0.27 y anteriores. OTRS: versiones 7.0.16 y anteriores."}], "id": "CVE-2020-1774", "lastModified": "2024-11-21T05:11:21.797", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2020-04-28T14:15:14.283", "references": [{"source": "[email protected]", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html"}, {"source": "[email protected]", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}, {"source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-11/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-11/"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-201"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "[email protected]", "type": "Primary"}]}