Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code.This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Metrics
Affected Vendors & Products
References
History
Wed, 23 Oct 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: OTRS
Published: 2023-07-24T08:27:13.127Z
Updated: 2024-10-23T17:49:19.541Z
Reserved: 2023-07-12T08:05:38.780Z
Link: CVE-2023-38056
Vulnrichment
Updated: 2024-08-02T17:30:12.960Z
NVD
Status : Modified
Published: 2023-07-24T09:15:09.403
Modified: 2024-11-21T08:12:45.833
Link: CVE-2023-38056
Redhat
No data.