{"api_version":"1","generated_at":"2026-04-22T23:30:34+00:00","cve":"CVE-2020-1767","urls":{"html":"https://cve.report/CVE-2020-1767","api":"https://cve.report/api/cve/CVE-2020-1767.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-1767","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-1767"},"summary":{"title":"CVE-2020-1767","description":"Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: ((OTRS)) Community Edition 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.","state":"PUBLIC","assigner":"security@otrs.com","published_at":"2020-01-10 15:15:00","updated_at":"2023-08-31 03:15:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"https://otrs.com/release-notes/otrs-security-advisory-2020-03/","name":"N/A","refsource":"CONFIRM","tags":["Release Notes","Vendor Advisory"],"title":"OTRS Security Advisory 2020-03 | OTRS","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00027.html","name":"[debian-lts-announce] 20200129 [SECURITY] [DLA 2079-1] otrs2 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2079-1] otrs2 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","name":"[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3551-1] otrs2 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-1767","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1767","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"1767","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1767","vulnerable":"1","versionEndIncluding":"6.0.24","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"otrs","cpe5":"otrs","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"community","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1767","vulnerable":"1","versionEndIncluding":"7.0.13","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"otrs","cpe5":"otrs","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2020-1767","qid":"6000085","title":"Debian Security Update for otrs2 (DLA 3551-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@otrs.com","DATE_PUBLIC":"2020-01-10T00:00:00.000Z","ID":"CVE-2020-1767","STATE":"PUBLIC","TITLE":"Possible to send drafted messages as wrong agent"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"OTRS AG","product":{"product_data":[{"product_name":"((OTRS)) Community Edition","version":{"version_data":[{"version_value":"6.0.x version 6.0.24 and prior versions"}]}},{"product_name":"OTRS","version":{"version_data":[{"version_value":"7.0.x version 7.0.13 and prior versions"}]}}]}}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: ((OTRS)) Community Edition 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":3.5,"baseSeverity":"LOW","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Sender spoofing"}]}]},"references":{"reference_data":[{"refsource":"CONFIRM","name":"https://otrs.com/release-notes/otrs-security-advisory-2020-03/","url":"https://otrs.com/release-notes/otrs-security-advisory-2020-03/"},{"refsource":"MLIST","name":"[debian-lts-announce] 20200129 [SECURITY] [DLA 2079-1] otrs2 security update","url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00027.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update","url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}]},"solution":[{"lang":"eng","value":"Upgrade to OTRS 7.0.14, ((OTRS)) Community Edition 6.0.25"},{"lang":"eng","value":"Patch for ((OTRS)) Community Edition 6: https://github.com/OTRS/otrs/commit/5f488fd6c809064ee49def3a432030258d211570"}],"source":{"advisory":"OSA-2020-03","defect":["2019121042000738"],"discovery":"USER"}},"nvd":{"publishedDate":"2020-01-10 15:15:00","lastModifiedDate":"2023-08-31 03:15:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":1.4},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":3.5},"severity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.13","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.0.24","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"1767","Ordinal":"161041","Title":"CVE-2020-1767","CVE":"CVE-2020-1767","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"1767","Ordinal":"1","NoteData":"Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: ((OTRS)) Community Edition 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"1767","Ordinal":"2","NoteData":"2020-01-10","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"1767","Ordinal":"3","NoteData":"2020-01-29","Type":"Other","Title":"Modified"}]}}}