Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Zammad Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-27332 1 Zammad 1 Zammad 2023-08-08 5.8 MEDIUM 9.1 CRITICAL
An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication. This vulnerability can allow attackers to execute phishing attacks or cause a Denial of Service (DoS).
CVE-2021-42094 1 Zammad 1 Zammad 2021-10-14 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Zammad before 4.1.1. Command Injection can occur via custom Packages.
CVE-2021-42091 1 Zammad 1 Zammad 2021-10-14 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in Zammad before 4.1.1. SSRF can occur via GitHub or GitLab integration.
CVE-2021-42090 1 Zammad 1 Zammad 2021-10-14 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Zammad before 4.1.1. The Form functionality allows remote code execution because deserialization is mishandled.
CVE-2020-26030 1 Zammad 1 Zammad 2020-12-29 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticated session that can be used to perform any actions in the name of other users.
CVE-2017-5619 1 Zammad 1 Zammad 2019-10-03 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attackers can login with the hashed password itself (e.g., from the DB) instead of the valid password string.
CVE-2017-6080 1 Zammad 1 Zammad 2019-10-03 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers. To exploit the vulnerability, an attacker can send cross-domain requests directly to the REST API for users with a valid session cookie and receive the result.