VULNRICHMENT:CVE-2024-23793
History: Jun 06, 2024 - 6:06 p.m.

CVE-2024-23793 Upload of files outside application directory

2024-06-06 18:06:58
CWE-22
OTRS
github.com
3
file upload
path traversal
otrs
community edition
vulnerability

CVSS3: 6.3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L

AI Score: 7
Confidence: High

EPSS: 0
Percentile: 10.5%

SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial

The file upload feature in OTRS and ((OTRS)) Community Edition is vulnerable to path traversal (CWE-22): a file name supplied with an upload is not confined to the intended upload directory. This allows authenticated agents or customer users to write potentially harmful files into directories accessible by the web server, which can lead to execution of local code such as Perl scripts.
This issue affects OTRS: from 7.0.x through 7.0.49, 8.0.x, 2023.x, and from 2024.x through 2024.3.2; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
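The following is an added example, not code from OTRS or ((OTRS)) Community Edition, and it does not reproduce the product's actual upload handler. It shows the CWE-22 pattern the description refers to, an unvalidated client-supplied file name joined onto an upload directory, next to a hardened version, and runs both over a constructed set of file names (benign, dot-dot, percent-encoded, absolute, NUL byte). UPLOAD_ROOT, the sample names and all function names are hypothetical.

```python
"""Path traversal in a file-upload handler: vulnerable path construction next to a
hardened version, exercised on constructed file names.

Added example, not OTRS code. UPLOAD_ROOT and SAMPLE_NAMES are hypothetical.
"""
import posixpath
from urllib.parse import unquote

UPLOAD_ROOT = "/srv/app/var/uploads"  # hypothetical upload directory


class UnsafeFilename(ValueError):
    """Raised by safe_target_path for a name that must not be written."""


def vulnerable_target_path(upload_root: str, client_filename: str) -> str:
    """CWE-22 pattern: the client-controlled name is joined onto the upload root
    with no validation. '..' segments walk out of upload_root, and an absolute
    name discards upload_root entirely (posixpath.join semantics)."""
    return posixpath.normpath(posixpath.join(upload_root, client_filename))


def safe_target_path(upload_root: str, client_filename: str) -> str:
    """Hardened version: returns a path that is a direct child of upload_root.

    1. Percent-decode once, then check (never check first and decode later),
       so an encoded '../' cannot slip past the checks below.
    2. Reject NUL bytes, backslashes and directory separators outright. Silently
       taking the basename is the common alternative; rejecting surfaces attacks
       in the logs instead of hiding them.
    3. Reject empty and dot names.
    4. Canonicalise and confirm containment as defence in depth.
    Symlinks inside upload_root are out of scope here; on a real filesystem add
    os.path.realpath() to the containment check.
    """
    name = unquote(client_filename)
    if "\x00" in name or "\\" in name or "/" in name:
        raise UnsafeFilename(f"forbidden character in {client_filename!r}")
    if name in ("", ".", ".."):
        raise UnsafeFilename(f"empty or dot name in {client_filename!r}")
    root = posixpath.normpath(upload_root)
    target = posixpath.normpath(posixpath.join(root, name))
    if posixpath.dirname(target) != root:
        raise UnsafeFilename(f"{client_filename!r} escapes {root}")
    return target


def escapes_root(upload_root: str, path: str) -> bool:
    """True if the (absolute) path lies outside upload_root."""
    root = posixpath.normpath(upload_root)
    return posixpath.commonpath([root, posixpath.normpath(path)]) != root


# Constructed inputs: one benign name plus the traversal variants a tester would try.
SAMPLE_NAMES = [
    "report.pdf",                    # benign
    "../../cgi-bin/evil.pl",         # classic dot-dot traversal
    "..%2F..%2Fcgi-bin%2Fevil.pl",   # percent-encoded separators
    "/etc/cron.d/evil",              # absolute path
    "sub/dir/report.pdf",            # directory component, no traversal
    "evil.pl\x00.txt",               # NUL byte (truncation in C-backed libraries)
]


def audit(upload_root: str = UPLOAD_ROOT, names=SAMPLE_NAMES) -> dict:
    """Maps each name to (path the vulnerable handler would write,
    path the hardened handler would write or 'REJECTED')."""
    result = {}
    for n in names:
        vuln = vulnerable_target_path(upload_root, n)
        try:
            safe = safe_target_path(upload_root, n)
        except UnsafeFilename:
            safe = "REJECTED"
        result[n] = (vuln, safe)
    return result


if __name__ == "__main__":
    for name, (vuln, safe) in audit().items():
        flag = "ESCAPES" if escapes_root(UPLOAD_ROOT, vuln) else "inside "
        print(f"{name!r:34} vulnerable -> {flag} {vuln}")
        print(f"{'':34} hardened   -> {safe}")
```

Two details worth noticing when running it. The percent-encoded name does not escape in the vulnerable handler as written, because nothing decodes it; whether it does in a real deployment depends on whether the web server, framework or multipart parser decoded it earlier, which is why the hardened version decodes before checking rather than trusting the input layer. And the absolute name escapes without any ".." at all, since posixpath.join discards the root when the second argument is absolute; a check that only looks for ".." misses this case.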

CNA Affected

[
  {
    "defaultStatus": "affected",
    "modules": [
      "File Upload"
    ],
    "product": "OTRS",
    "vendor": "OTRS AG",
    "versions": [
      {
        "lessThanOrEqual": "7.0.49",
        "status": "affected",
        "version": "7.0.x",
        "versionType": "Patch"
      },
      {
        "status": "affected",
        "version": "8.0.x"
      },
      {
        "status": "affected",
        "version": "2023.x"
      },
      {
        "lessThanOrEqual": "2024.3.2",
        "status": "affected",
        "version": "2024.x",
        "versionType": "Patch"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "((OTRS)) Community Edition",
    "vendor": "OTRS AG",
    "versions": [
      {
        "lessThanOrEqual": "6.0.34",
        "status": "affected",
        "version": "6.0.1",
        "versionType": "All"
      }
    ]
  }
]

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"
    ],
    "vendor": "otrs",
    "product": "otrs",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.x",
        "lessThan": "7.0.49",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "8.0.x"
      },
      {
        "status": "affected",
        "version": "2023.x"
      },
      {
        "status": "affected",
        "version": "2024.x",
        "lessThan": "2024.3.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "affected"
  },
  {
    "cpes": [
      "cpe:2.3:a:otrs:otrs_community_edition:*:*:*:*:*:*:*:*"
    ],
    "vendor": "otrs",
    "product": "otrs_community_edition",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.1",
        "lessThan": "6.0.34",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "affected"
  }
]