Bug 1168029 - (CVE-2020-1772) VUL-0: CVE-2020-1772: otrs: Lost Password requests with wildcard values could allow attacker to retrieve valid Token
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Component: Basesystem
Version: Leap 15.2
Hardware/OS: Other / Other
Priority: P3 - Medium
Severity: Minor
Assigned To: Christian Wittmer
Security Team bot
https://smash.suse.de/issue/256040/
Reported: 2020-03-30 07:33 UTC by Alexander Bergmann
Modified: 2020-09-23 13:21 UTC

Description Alexander Bergmann 2020-03-30 07:33:50 UTC
CVE-2020-1772

It's possible to craft Lost Password requests with wildcards in the Token value,
which allows an attacker to retrieve valid Token(s) generated by users who
already requested new passwords. This issue affects: ((OTRS)) Community Edition
5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior
versions.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772
https://otrs.com/release-notes/otrs-security-advisory-2020-09/
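The description above boils down to a token lookup that honours pattern wildcards in attacker-supplied input. The following is an added illustration written for this bug entry; it is not OTRS code, and the table, column names and 32-hex-character token format are constructed assumptions. It places a lookup that compares the submitted token with SQL `LIKE` (where `%` and `_` act as wildcards) next to a hardened lookup that validates the token's shape before touching the database and then compares for equality only, so a wildcard submission can never match a token the caller did not already know.

```python
import hmac
import re
import secrets
import sqlite3


def build_store() -> sqlite3.Connection:
    """Constructed in-memory stand-in for a lost-password token store.
    Hypothetical schema, not the OTRS one."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE reset_token (login TEXT, token TEXT)")
    conn.executemany(
        "INSERT INTO reset_token VALUES (?, ?)",
        [("alice", secrets.token_hex(16)), ("bob", secrets.token_hex(16))],
    )
    return conn


def lookup_like(conn: sqlite3.Connection, submitted: str):
    """Weak pattern: the submitted value is used as a LIKE pattern, so the
    wildcard characters '%' and '_' match tokens the caller never knew.
    Returns the login owning the first matching token, or None."""
    row = conn.execute(
        "SELECT login FROM reset_token WHERE token LIKE ?", (submitted,)
    ).fetchone()
    return None if row is None else row[0]


# Assumed token format: exactly 32 lowercase hex digits (what token_hex(16) yields).
TOKEN_RE = re.compile(r"[0-9a-f]{32}")


def lookup_exact(conn: sqlite3.Connection, submitted: str):
    """Hardened lookup: reject anything that is not a well-formed token before
    querying, compare with '=' rather than LIKE, and re-check the returned
    token in constant time. Returns the owning login, or None."""
    if not TOKEN_RE.fullmatch(submitted):
        return None
    row = conn.execute(
        "SELECT login, token FROM reset_token WHERE token = ?", (submitted,)
    ).fetchone()
    if row is None or not hmac.compare_digest(row[1], submitted):
        return None
    return row[0]


if __name__ == "__main__":
    db = build_store()
    # Wildcard probe: the LIKE lookup yields a victim, the exact lookup does not.
    print("LIKE lookup with '%':", lookup_like(db, "%"))
    print("exact lookup with '%':", lookup_exact(db, "%"))
```

The format check alone closes the wildcard hole, but the `=` comparison is the real fix: a store that still used `LIKE` would remain one escaping mistake away from the same bug. A regression test for a password-reset endpoint should therefore submit `%`, a run of `_` of the expected token length, and a real token with its last character replaced by `%`, and expect all three to be rejected.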
Comment 1 Christian Wittmer 2020-04-07 22:10:36 UTC
ongoing work ...
Comment 2 Swamp Workflow Management 2020-04-08 12:40:46 UTC
This is an autogenerated message for OBS integration:
This bug (1168029) was mentioned in
https://build.opensuse.org/request/show/792434 15.1+Backports:SLE-15+Backports:SLE-15-SP1 / otrs
Comment 3 Swamp Workflow Management 2020-04-09 10:20:38 UTC
This is an autogenerated message for OBS integration:
This bug (1168029) was mentioned in
https://build.opensuse.org/request/show/792677 15.1+Backports:SLE-15+Backports:SLE-15-SP1 / otrs
https://build.opensuse.org/request/show/792678 15.1+Backports:SLE-15+Backports:SLE-15-SP1 / otrs
Comment 4 Swamp Workflow Management 2020-04-22 12:40:40 UTC
This is an autogenerated message for OBS integration:
This bug (1168029) was mentioned in
https://build.opensuse.org/request/show/796277 15.1 / otrs
Comment 5 Swamp Workflow Management 2020-04-25 19:14:53 UTC
openSUSE-SU-2020:0551-1: An update that fixes 18 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1122560,1137614,1137615,1139406,1141430,1141431,1141432,1156431,1157001,1160663,1168029,1168030,1168031,1168032
CVE References: CVE-2019-10067,CVE-2019-12248,CVE-2019-12497,CVE-2019-12746,CVE-2019-13457,CVE-2019-13458,CVE-2019-16375,CVE-2019-18179,CVE-2019-18180,CVE-2019-9752,CVE-2019-9892,CVE-2020-1765,CVE-2020-1766,CVE-2020-1769,CVE-2020-1770,CVE-2020-1771,CVE-2020-1772,CVE-2020-1773
Sources used:
openSUSE Leap 15.1 (src):    otrs-5.0.42-lp151.2.3.1
openSUSE Backports SLE-15-SP1 (src):    otrs-5.0.42-bp151.3.3.1
openSUSE Backports SLE-15 (src):    otrs-5.0.42-bp150.2.10.1
Comment 6 Christian Wittmer 2020-05-04 08:37:55 UTC
Can we close this?
Comment 7 Alexandros Toptsoglou 2020-05-04 08:40:04 UTC
Done
Comment 8 Swamp Workflow Management 2020-09-20 04:22:53 UTC
openSUSE-SU-2020:1475-1: An update that fixes 18 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1122560,1137614,1137615,1139406,1141430,1141431,1141432,1156431,1157001,1160663,1168029,1168030,1168031,1168032
CVE References: CVE-2019-10067,CVE-2019-12248,CVE-2019-12497,CVE-2019-12746,CVE-2019-13457,CVE-2019-13458,CVE-2019-16375,CVE-2019-18179,CVE-2019-18180,CVE-2019-9752,CVE-2019-9892,CVE-2020-1765,CVE-2020-1766,CVE-2020-1769,CVE-2020-1770,CVE-2020-1771,CVE-2020-1772,CVE-2020-1773
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    otrs-6.0.29-lp152.2.3.4
openSUSE Leap 15.1 (src):    otrs-6.0.29-lp151.2.6.2
openSUSE Backports SLE-15-SP2 (src):    otrs-6.0.29-bp152.2.5.4
openSUSE Backports SLE-15-SP1 (src):    otrs-6.0.29-bp151.3.6.2
Comment 9 Swamp Workflow Management 2020-09-23 13:21:44 UTC
openSUSE-SU-2020:1509-1: An update that fixes 18 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1122560,1137614,1137615,1139406,1141430,1141431,1141432,1156431,1157001,1160663,1168029,1168030,1168031,1168032
CVE References: CVE-2019-10067,CVE-2019-12248,CVE-2019-12497,CVE-2019-12746,CVE-2019-13457,CVE-2019-13458,CVE-2019-16375,CVE-2019-18179,CVE-2019-18180,CVE-2019-9752,CVE-2019-9892,CVE-2020-1765,CVE-2020-1766,CVE-2020-1769,CVE-2020-1770,CVE-2020-1771,CVE-2020-1772,CVE-2020-1773
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP2 (src):    otrs-6.0.29-bp152.2.8.1