Vulnerability Details CVE-2020-1777
Agent names that participates in a chat conversation are revealed in certain parts of the external interface as well as in chat transcriptions inside the tickets, when system is configured to mask real agent names. This issue affects OTRS; 7.0.21 and prior versions, 8.0.6 and prior versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.8%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 5.0
References
Products affected by CVE-2020-1777
-
cpe:2.3:a:otrs:otrs:7.0.0
-
cpe:2.3:a:otrs:otrs:7.0.11
-
cpe:2.3:a:otrs:otrs:7.0.12
-
cpe:2.3:a:otrs:otrs:7.0.13
-
cpe:2.3:a:otrs:otrs:7.0.14
-
cpe:2.3:a:otrs:otrs:7.0.15
-
cpe:2.3:a:otrs:otrs:7.0.16
-
cpe:2.3:a:otrs:otrs:7.0.17
-
cpe:2.3:a:otrs:otrs:7.0.18
-
cpe:2.3:a:otrs:otrs:7.0.19
-
cpe:2.3:a:otrs:otrs:7.0.21
-
cpe:2.3:a:otrs:otrs:7.0.4
-
cpe:2.3:a:otrs:otrs:7.0.5
-
cpe:2.3:a:otrs:otrs:7.0.6
-
cpe:2.3:a:otrs:otrs:7.0.7
-
cpe:2.3:a:otrs:otrs:7.0.8
-
cpe:2.3:a:otrs:otrs:8.0.0
-
cpe:2.3:a:otrs:otrs:8.0.1
-
cpe:2.3:a:otrs:otrs:8.0.2
-
cpe:2.3:a:otrs:otrs:8.0.3
-
cpe:2.3:a:otrs:otrs:8.0.4
-
cpe:2.3:a:otrs:otrs:8.0.5
-
cpe:2.3:a:otrs:otrs:8.0.6