Vulnerability-Lookup

GHSA-CQHR-CHMP-4X86

Vulnerability from github – Published: 2024-06-06 21:30 – Updated: 2024-06-06 21:30

Details

The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl scripts. This issue affects OTRS: from 7.0.X through 7.0.49, 8.0.X, 2023.X, from 2024.X through 2024.3.2; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.

Severity

6.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-23793"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-06T19:15:52Z",
    "severity": "MODERATE"
  },
  "details": "The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl scripts.\nThis issue affects OTRS: from 7.0.X through 7.0.49, 8.0.X, 2023.X, from 2024.X through 2024.3.2; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.\n\n",
  "id": "GHSA-cqhr-chmp-4x86",
  "modified": "2024-06-06T21:30:36Z",
  "published": "2024-06-06T21:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23793"
    },
    {
      "type": "WEB",
      "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-05"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2024-23793 (GCVE-0-2024-23793)

Vulnerability from cvelistv5 – Published: 2024-06-06 18:06 – Updated: 2024-08-01 23:13

Title

Upload of files outside application directory

Summary

Severity

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

OTRS

References

1 reference

URL	Tags
https://otrs.com/release-notes/otrs-security-advi…

Impacted products

2 products

Vendor	Product	Version
OTRS AG	OTRS	Affected: 7.0.x , ≤ 7.0.49 (Patch) Affected: 8.0.x Affected: 2023.x Affected: 2024.x , ≤ 2024.3.2 (Patch)
OTRS AG	((OTRS)) Community Edition	Affected: 6.0.1 , ≤ 6.0.34 (All)

Date Public

2024-06-03 07:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "otrs",
            "vendor": "otrs",
            "versions": [
              {
                "lessThan": "7.0.49",
                "status": "affected",
                "version": "7.0.x",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "8.0.x"
              },
              {
                "status": "affected",
                "version": "2023.x"
              },
              {
                "lessThan": "2024.3.2",
                "status": "affected",
                "version": "2024.x",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:otrs:otrs_community_edition:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "otrs_community_edition",
            "vendor": "otrs",
            "versions": [
              {
                "lessThan": "6.0.34",
                "status": "affected",
                "version": "6.0.1",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23793",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-06T20:07:44.167335Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-06T20:22:49.508Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:13:07.327Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-05/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "modules": [
            "File Upload"
          ],
          "product": "OTRS",
          "vendor": "OTRS AG",
          "versions": [
            {
              "lessThanOrEqual": "7.0.49",
              "status": "affected",
              "version": "7.0.x",
              "versionType": "Patch"
            },
            {
              "status": "affected",
              "version": "8.0.x"
            },
            {
              "status": "affected",
              "version": "2023.x"
            },
            {
              "lessThanOrEqual": "2024.3.2",
              "status": "affected",
              "version": "2024.x",
              "versionType": "Patch"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "((OTRS)) Community Edition",
          "vendor": "OTRS AG",
          "versions": [
            {
              "lessThanOrEqual": "6.0.34",
              "status": "affected",
              "version": "6.0.1",
              "versionType": "All"
            }
          ]
        }
      ],
      "datePublic": "2024-06-03T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl scripts.\u003cbr\u003e\u003cp\u003eThis issue affects OTRS: from 7.0.X through 7.0.49, 8.0.X, 2023.X, from 2024.X through 2024.3.2; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.\u003c/p\u003e"
            }
          ],
          "value": "The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl scripts.\nThis issue affects OTRS: from 7.0.X through 7.0.49, 8.0.X, 2023.X, from 2024.X through 2024.3.2; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-17",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-17 Using Malicious Files"
            }
          ]
        },
        {
          "capecId": "CAPEC-549",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-549 Local Execution of Code"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-06T18:06:58.805Z",
        "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "shortName": "OTRS"
      },
      "references": [
        {
          "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-05/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update to OTRS\u0026nbsp;2024.4.3 or OTRS 7.0.50 (extended support only)\u003cbr\u003e"
            }
          ],
          "value": "Update to OTRS\u00a02024.4.3 or OTRS 7.0.50 (extended support only)\n"
        }
      ],
      "source": {
        "advisory": "OSA-2024-05",
        "defect": [
          "Issue#2411"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Upload of files outside application directory",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
    "assignerShortName": "OTRS",
    "cveId": "CVE-2024-23793",
    "datePublished": "2024-06-06T18:06:58.805Z",
    "dateReserved": "2024-01-22T10:32:00.704Z",
    "dateUpdated": "2024-08-01T23:13:07.327Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-CQHR-CHMP-4X86

CVE-2024-23793 (GCVE-0-2024-23793)

Tags

Sightings

Nomenclature