Vulnerabilities > Zammad > Zammad

DATE CVE VULNERABILITY TITLE RISK
2023-12-10 CVE-2023-50453 Unspecified vulnerability in Zammad 6.1.0/6.2.0
An issue was discovered in Zammad before 6.2.0.
network
low complexity
zammad
5.3
5.3
2023-12-10 CVE-2023-50454 Improper Certificate Validation vulnerability in Zammad 6.1.0/6.2.0
An issue was discovered in Zammad before 6.2.0.
network
high complexity
zammad CWE-295
5.9
5.9
2023-12-10 CVE-2023-50455 Allocation of Resources Without Limits or Throttling vulnerability in Zammad 6.1.0/6.2.0
An issue was discovered in Zammad before 6.2.0.
network
low complexity
zammad CWE-770
7.5
7.5
2023-12-10 CVE-2023-50456 Unspecified vulnerability in Zammad 6.1.0/6.2.0
An issue was discovered in Zammad before 6.2.0.
network
low complexity
zammad
5.3
5.3
2023-12-10 CVE-2023-50457 Incorrect Authorization vulnerability in Zammad 6.1.0/6.2.0
An issue was discovered in Zammad before 6.2.0.
network
low complexity
zammad CWE-863
4.3
4.3
2023-05-18 CVE-2023-31597 Incorrect Authorization vulnerability in Zammad
An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user.
network
low complexity
zammad CWE-863
6.5
6.5
2023-05-02 CVE-2023-29867 Unspecified vulnerability in Zammad 5.3.0/5.3.1
Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control.
network
low complexity
zammad
6.5
6.5
2023-05-02 CVE-2023-29868 Unspecified vulnerability in Zammad 5.3.0/5.3.1
Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control.
network
low complexity
zammad
6.5
6.5
2023-02-03 CVE-2022-48021 Unspecified vulnerability in Zammad 5.3.0
A vulnerability in Zammad v5.3.0 allows attackers to execute arbitrary code or escalate privileges via a crafted message sent to the server.
network
low complexity
zammad
critical
 9.8
9.8
2023-02-03 CVE-2022-48022 Unspecified vulnerability in Zammad 5.3.0
An issue in the component /api/v1/mentions of Zammad v5.3.0 allows authenticated attackers with agent permissions to view information about tickets they are not authorized to see.
network
low complexity
zammad
4.3
4.3