#VU9423 Privilege escalation in OTRS - CVE-2017-16664
Published: November 27, 2017
Vulnerability identifier: #VU9423
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Amber
CVE-ID: CVE-2017-16664
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
OTRS
Software vendor:
otrs.org
Description
The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.
The weakness exists due to insufficient security checks in the recovery procedure. A remote attacker who is logged into OTRS as an agent can request specially crafted URLs from OTRS and execute arbitrary shell commands (OS command injection, CWE-78) with the permissions of the web server user.
Successful exploitation of the vulnerability may result in system compromise.
Remediation
Update to version 3.3.20, 4.0.26 or 5.0.24.