PT-2022-10485 · Otrs+3 · Otrs+3
Maxime Brigaudeau
+1
·
Published
2022-03-21
·
Updated
2023-08-31
·
CVE-2021-36100
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
OTRS versions (affected versions not specified)
OTRS ITSM versions (affected versions not specified)
OTRS Storm versions (affected versions not specified)
Description
The issue allows the execution of any system command through a specially crafted string in the OTRS system configuration.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Otrs
Otrs Itsm
Otrs Storm