CVE-2023-29867

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-29867
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29867.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-29867
Published
2023-05-02T16:15:08Z
Modified
2025-01-30T17:15:15Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker could gain information about linked accounts of users involved in their tickets using the Zammad API.

References

Affected packages

Git / github.com/zammad/zammad

Affected ranges

Type
GIT
Repo
https://github.com/zammad/zammad
Events