Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code.This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: OTRS
Published: 2023-07-24T08:27:13.127Z
Updated: 2024-08-02T17:30:12.960Z
Reserved: 2023-07-12T08:05:38.780Z
Link: CVE-2023-38056
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-24T09:15:09.403
Modified: 2023-08-01T17:00:31.543
Link: CVE-2023-38056
Redhat
No data.