Release Note

OTRS Security Advisory 2023-02

Please read carefully and check if the version of your OTRS system is affected by this vulnerability.

Please send information regarding vulnerabilities in OTRS to: security@otrs.org

PGP Key

pub 2048R/9C227C6B 2011-03-21
uid OTRS Security Team <security@otrs.org>
GPG Fingerprint E330 4608 DA6E 34B7 1551 C244 7F9E 44E9 9C22 7C6B

Security Advisory Details

ID: OSA-2023-02
Date: 2023-03-20
Title: Code execution through ACL creation
Severity: 7.4 HIGH
Product: OTRS 7.0.x, OTRS 8.0.x
Fixed in: OTRS 7.0.42, OTRS 8.0.31
FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
References: CVE-2023-1250

OSA-2023-02 Code execution through ACL creation (CVE-2023-1250)

Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. When creating/importing an ACL it was possible to inject code that gets executed via manipulated comments and ACL-names.

PRODUCT AFFECTED:

This issue affects

OTRS: from 7.0.X before 7.0.42, from 8.0.X before 8.0.31;

((OTRS)) Community Edition: from 6.0.1 through 6.0.34.

PROBLEM:

CWE-20 Improper Input Validation CWE-20

Impact:

CAPEC-549 Local Execution of Code CAPEC-549

Product Status

Product

Affected

OTRS AG OTRS » ACL

Default status is affected

from 7.0.x before 7.0.42

from 8.0.x before 8.0.31

OTRS AG ((OTRS)) Community Edition » Ticket Actions

Default status is affected

from 6.0.1 through 6.0.34

SOLUTION:

Update to OTRS 7.0.42, OTRS 8.0.31

MODIFICATION HISTORY:

CVSS SCORE:

3.1 VECTOR: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N

RISK LEVEL:

HIGH

ACKNOWLEDGEMENTS:

Special thanks to Tim Püttmanns for reporting these vulnerability.