CVE-2022-39051
6.8
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Summary
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| OTRS AG | OTRS | 7.0.x 7.0.36 | affected |
| OTRS AG | OTRS | 8.0.x 8.0.24 | affected |
| OTRS AG | ((OTRS)) Community Edition | 6.0.1 < 6.0.x* | affected |
Weaknesses
- CWE-913: CWE-913 Improper Control of Dynamically-Managed Code Resources
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.