Skip to main content

CVE-2023-29867

Severity Medium
Score 6.5/10

Summary

Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker could gain information about linked accounts of users involved in their tickets using the Zammad API.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • LOW
  • HIGH
  • NONE

References

Advisory Timeline

  • Published