CVE-2023-38059

🗓️ 16 Oct 2023 08:10:44Reported by OTRSType

CVE-2023-38059: External image loading vulnerability in OTR

Reporter	Title	Published	Views	Family All 27
CNNVD	OTRS Security Vulnerabilities	16 Oct 202300:00	–	cnnvd
Cvelist	CVE-2023-38059 External pictures can be loaded even if not allowed by configuration	16 Oct 202308:10	–	cvelist
EUVD	EUVD-2023-41885	3 Oct 202520:07	–	euvd
NVD	CVE-2023-38059	16 Oct 202309:15	–	nvd
OSV	CVE-2023-38059	16 Oct 202309:15	–	osv
OSV	UBUNTU-CVE-2023-38059	16 Oct 202309:15	–	osv
Prion	Code injection	16 Oct 202309:15	–	prion
Positive Technologies	PT-2020-6429 · Otrs Ag +1 · Otrs +2	29 Dec 202000:00	–	ptsecurity
Positive Technologies	PT-2021-14507 · Otrs Ag +1 · Otrs +1	8 Feb 202100:00	–	ptsecurity
Positive Technologies	PT-2021-21111 · Otrs Ag +1 · Otrs +2	26 Jul 202100:00	–	ptsecurity

NVD

Node

otrs otrsRange6.0.0–6.0.34community

otrs otrsRange7.0.0–7.0.47

otrs otrsRange8.0.0–8.0.37

[
  {
    "defaultStatus": "affected",
    "modules": [
      "Agent Interface"
    ],
    "product": "OTRS",
    "vendor": "OTRS AG",
    "versions": [
      {
        "lessThan": "7.0.47",
        "status": "affected",
        "version": "7.0.x",
        "versionType": "Patch"
      },
      {
        "lessThan": "8.0.37",
        "status": "affected",
        "version": "8.0.x",
        "versionType": "Patch"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Agent Interface"
    ],
    "product": "((OTRS)) Community Edition",
    "vendor": "OTRS AG",
    "versions": [
      {
        "lessThanOrEqual": "6.0.34",
        "status": "affected",
        "version": "6.0.x",
        "versionType": "All"
      }
    ]
  }
]

Source	Link
otrs	www.otrs.com/release-notes/otrs-security-advisory-2023-08/

21 Nov 2024 08:12Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.15.3

EPSS0.00371

SSVC

CWE-200