Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-50454

Опубликовано: 10 дек. 2023
Источник: debian
EPSS Низкий

Описание

An issue was discovered in Zammad before 6.2.0. In several subsystems, SSL/TLS was used to establish connections to external services without proper validation of hostname and certificate authority. This is exploitable by man-in-the-middle attackers.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
zammaditppackage

EPSS

Процентиль: 30%
0.00112
Низкий

Связанные уязвимости

nvd логотип

CVE-2023-50454

CVSS3: 5.9
nvd
больше 1 года назад

An issue was discovered in Zammad before 6.2.0. In several subsystems, SSL/TLS was used to establish connections to external services without proper validation of hostname and certificate authority. This is exploitable by man-in-the-middle attackers.

github логотип

GHSA-xxf4-wg2g-58ch

CVSS3: 5.9
github
больше 1 года назад

An issue was discovered in Zammad before 6.2.0. In several subsystems, SSL/TLS was used to establish connections to external services without proper validation of hostname and certificate authority. This is exploitable by man-in-the-middle attackers.

EPSS

Процентиль: 30%
0.00112
Низкий