CVE-2020-1778

Summary

When OTRS uses multiple backends for user authentication (with LDAP), agents are able to login even if the account is set to invalid. This issue affects OTRS; 8.0.9 and prior versions.

Affected Software

VendorProductVersion RangeStatus
OTRS AGOTRS8.0.x <= 8.0.9affected

Weaknesses

  • CWE-287: CWE-287 Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

References