CVE-2023-38692

Name of the Vulnerable Software and Affected Versions CloudExplorer Lite versions prior to 1.3.1

Description The issue concerns a command injection vulnerability in the installation function within the module management of CloudExplorer Lite, an open-source cloud management platform. This vulnerability has been fixed in version 1.3.1. There are no known workarounds aside from upgrading to the fixed version.

Recommendations For versions prior to 1.3.1, upgrade to version 1.3.1 to resolve the issue. As a temporary workaround, consider restricting access to the module management installation function until the upgrade can be applied.