CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Zammad: >> Zammad >> 3.3.0 Security Vulnerabilities

CVE-2020-14214

Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for authorization decisions. An attacker can register a new account that will have access to all tickets of an arbitrary Organization.

CVSS Score

6.5

EPSS Score

0.002

Published

2020-06-16

Page 5

Vulnerabilities

Vulnerable Software

Zammad: >> Zammad >> 3.3.0 Security Vulnerabilities

Products

Pricing

Contact Us