CVE-2021-42137

Опубликовано: 11 окт. 2021

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in Zammad before 5.0.1. In some cases, there is improper enforcement of the privilege requirement for viewing a list of tickets that shows title, state, etc.

Ссылки

https://zammad.com/en/advisories/zaa-2021-19
Vendor Advisory
https://zammad.com/en/advisories/zaa-2021-19
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zammad:zammad:*:*:*:*:*:*:*:*

Версия до 5.0.1 (исключая)

EPSS

Процентиль: 42%

0.00203

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-863

Связанные уязвимости

CVE-2021-42137

CVSS3: 5.3

debian

больше 4 лет назад

An issue was discovered in Zammad before 5.0.1. In some cases, there i ...

GHSA-8r2j-p454-pcgc

CVSS3: 5.3

github

больше 3 лет назад

An issue was discovered in Zammad before 5.0.1. In some cases, there is improper enforcement of the privilege requirement for viewing a list of tickets that shows title, state, etc.

EPSS

Процентиль: 42%

0.00203

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-863