Skip to main content

CVE-2020-29159

Severity Medium
Score 4.9/10

Summary

An issue was discovered in Zammad before 3.5.1. The default signup Role (for newly created Users) can be a privileged Role, if configured by an admin. This behvaior was unintended.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • HIGH
  • HIGH
  • NONE

References

Advisory Timeline

  • Published