CVE-2020-1768

Summary

The external frontend system uses numerous background calls to the backend. Each background request is treated as user activity so the SessionMaxIdleTime will not be reached. This issue affects: OTRS 7.0.x version 7.0.14 and prior versions.

Affected Software

VendorProductVersion RangeStatus
OTRS AGOTRS7.0.x <= 7.0.14affected

Weaknesses

  • CWE-613: CWE-613 Insufficient Session Expiration

ADP Enrichment

CVE Program Container

Additional References

References