CVE-2021-42086

October 14, 2021

An issue was discovered in Zammad before 4.1.1. An Agent account can modify account data, and gain admin access, via a crafted request.

Summary:

An issue was discovered in Zammad before 4.1.1. An Agent account can modify account data, and gain admin access, via a crafted request.

Reference Links(if available):

  • https://zammad.com/en/advisories/zaa-2021-09

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • You may have missed

    image

    [HUNTERS] – Ransomware Victim: A&O IT Group

    November 15, 2024
    image

    [RANSOMHUB] – Ransomware Victim: www[.]gob[.]mx

    November 15, 2024
    image

    [EVEREST] – Ransomware Victim: Bio-Clima Service Srl

    November 15, 2024
    image

    [FOG] – Ransomware Victim: Vector Transport (vectortransport[.]com)

    November 15, 2024
    image

    [EVEREST] – Ransomware Victim: A Sensitive Touch Home Health;Alphastar Home Health Care;Heart of Texas Home Healthcare Se

    November 15, 2024