Описание
An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.1.0 (исключая)
cpe:2.3:a:zammad:zammad:*:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.0026
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-668
Связанные уязвимости
CVSS3: 4.3
debian
почти 4 года назад
An access control issue in Zammad v5.0.3 broadcasts administrative con ...
CVSS3: 4.3
github
почти 4 года назад
An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users.
EPSS
Процентиль: 49%
0.0026
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-668