Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-14214

Опубликовано: 16 июн. 2020
Источник: debian

Описание

Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for authorization decisions. An attacker can register a new account that will have access to all tickets of an arbitrary Organization.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
zammaditppackage

Связанные уязвимости

nvd логотип

CVE-2020-14214

CVSS3: 6.5
nvd
больше 5 лет назад

Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for authorization decisions. An attacker can register a new account that will have access to all tickets of an arbitrary Organization.

github логотип

GHSA-655m-24cc-cx96

github
больше 3 лет назад

Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for authorization decisions. An attacker can register a new account that will have access to all tickets of an arbitrary Organization.