CVE-2023-6071 Information

Description

An Improper Neutralization of Special Elements used in a command vulnerability in ESM prior to version 11.6.9 allows a remote administrator to execute arbitrary code as root on the ESM. This is possible as the input isn’t correctly sanitized when adding a new data source.

Reference

https://kcm.trellix.com/corporate/index?page=content&id=SB10413