First published: Tue Aug 29 2023(Updated: )
?If an attacker tricks an admin user of PTC Codebeamer into clicking on a malicious link, it may allow the attacker to inject arbitrary code to be executed in the browser on the target device.
Credit: ics-cert@hq.dhs.gov ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Intland codeBeamer | =21.09.0 | |
Intland codeBeamer | =21.09.0-sp1 | |
Intland codeBeamer | =21.09.0-sp10 | |
Intland codeBeamer | =21.09.0-sp11 | |
Intland codeBeamer | =21.09.0-sp12 | |
Intland codeBeamer | =21.09.0-sp13 | |
Intland codeBeamer | =21.09.0-sp2 | |
Intland codeBeamer | =21.09.0-sp3 | |
Intland codeBeamer | =21.09.0-sp4 | |
Intland codeBeamer | =21.09.0-sp5 | |
Intland codeBeamer | =21.09.0-sp6 | |
Intland codeBeamer | =21.09.0-sp7 | |
Intland codeBeamer | =21.09.0-sp8 | |
Intland codeBeamer | =21.09.0-sp9 | |
Intland codeBeamer | =22.04.0 | |
Intland codeBeamer | =22.04.0-sp1 | |
Intland codeBeamer | =22.04.0-sp2 | |
Intland codeBeamer | =22.04.0-sp3 | |
Intland codeBeamer | =22.04.0-sp4 | |
Intland codeBeamer | =22.04.0-sp5 | |
Intland codeBeamer | =22.10.0 | |
Intland codeBeamer | =22.10.0-sp1 | |
Intland codeBeamer | =22.10.0-sp2 | |
Intland codeBeamer | =22.10.0-sp3 | |
Intland codeBeamer | =22.10.0-sp4 | |
Intland codeBeamer | =22.10.0-sp5 | |
Intland codeBeamer | =22.10.0-sp6 | |
Intland codeBeamer | =22.10.0-sp7 | |
Intland codeBeamer | =22.10.0-sp8 | |
PTC Codebeamer: v22.10-SP7 or lower | ||
PTC Codebeamer: v22.04-SP5 or lower | ||
PTC Codebeamer: v21.09-SP13 or lower | ||
=21.09.0 | ||
=21.09.0-sp1 | ||
=21.09.0-sp10 | ||
=21.09.0-sp11 | ||
=21.09.0-sp12 | ||
=21.09.0-sp13 | ||
=21.09.0-sp2 | ||
=21.09.0-sp3 | ||
=21.09.0-sp4 | ||
=21.09.0-sp5 | ||
=21.09.0-sp6 | ||
=21.09.0-sp7 | ||
=21.09.0-sp8 | ||
=21.09.0-sp9 | ||
=22.04.0 | ||
=22.04.0-sp1 | ||
=22.04.0-sp2 | ||
=22.04.0-sp3 | ||
=22.04.0-sp4 | ||
=22.04.0-sp5 | ||
=22.10.0 | ||
=22.10.0-sp1 | ||
=22.10.0-sp2 | ||
=22.10.0-sp3 | ||
=22.10.0-sp4 | ||
=22.10.0-sp5 | ||
=22.10.0-sp6 | ||
=22.10.0-sp7 | ||
=22.10.0-sp8 |
PTC recommends the following: * Version 22.10.X: upgrade to 22.10-SP8 https://intland.com/codebeamer-download/ or newer version * Version 22.04.X: upgrade to 22.04-SP6 https://intland.com/codebeamer-download/ or newer version * Version 21.09.X: upgrade to 21.09-SP14 https://intland.com/codebeamer-download/ or newer version Docker Image download: https://hub.docker.com/r/intland/codebeamer/tags https://hub.docker.com/r/intland/codebeamer/tags Codebeamer installers: https://intland.com/codebeamer-download/ https://intland.com/codebeamer-download/ Hosted customers may request an upgrade through the support channel https://codebeamer.com/cb/tracker/1910563 . Note that version 2.0 is not impacted by this vulnerability. For more information refer to PTC Security Advisory and Resolution https://codebeamer.com/cb/wiki/31346480 .
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.