High severity7.3NVD Advisory· Published Mar 27, 2020· Updated Jun 17, 2026
CVE-2020-1773
CVE-2020-1773
Description
An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS; 7.0.15 and prior versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- Range: <=6.0.26, <=5.0.41
- osv-coords5 versionspkg:rpm/opensuse/otrs&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/otrs&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/otrs&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/otrs&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/otrs&distro=SUSE%20Package%20Hub%2015%20SP2
< 5.0.42-bp151.3.3.1+ 4 more
- (no CPE)range: < 5.0.42-bp151.3.3.1
- (no CPE)range: < 6.0.29-bp152.2.5.4
- (no CPE)range: < 5.0.42-bp151.3.3.1
- (no CPE)range: < 5.0.42-bp151.3.3.1
- (no CPE)range: < 6.0.29-bp152.2.5.4
- OTRS AG/((OTRS)) Community Editionv5Range: 5.0.41 and prior
Patches
Vulnerability mechanics
References
5- otrs.com/release-notes/otrs-security-advisory-2020-10/nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.htmlnvd
- lists.debian.org/debian-lts-announce/2023/08/msg00040.htmlnvd
News mentions
0No linked articles in our index yet.