Vulnerabilities > CVE-2020-1768 - Insufficient Session Expiration vulnerability in Otrs
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
PARTIAL Summary
The external frontend system uses numerous background calls to the backend. Each background request is treated as user activity so the SessionMaxIdleTime will not be reached. This issue affects: OTRS 7.0.x version 7.0.14 and prior versions.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 12 |