cbcvebase.
CVE-2020-1768
published 2020-02-07

CVE-2020-1768: The external frontend system uses numerous background calls to the backend. Each background request is treated as user activity so the SessionMaxIdleTime will…

PriorityP427medium5.4CVSS 3.1
AVNACLPRLUINSUCLINAL
EPSS
0.75%
50.2th percentile
The external frontend system uses numerous background calls to the backend. Each background request is treated as user activity so the SessionMaxIdleTime will not be reached. This issue affects: OTRS 7.0.x version 7.0.14 and prior versions.

Affected

3 ranges
VendorProductVersion rangeFixed in
debianotrs2
otrsotrs7.0.0 – 7.0.14
otrs_agotrs7.0.x – 7.0.14

CVSS provenance

nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
nvdv2.05.5MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:P
osv5.4MEDIUM
vendor_debian5.4LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.