Unrated severityNVD Advisory· Published Jul 24, 2023· Updated Oct 23, 2024
Code execution via System Configuration
CVE-2023-38056
Description
Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code.This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- OTRS AG/((OTRS)) Community Editionv5Range: 6.0.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.