CVE-2020-14213

CVE-2020-14213

EPSS 0.6%

In Zammad before 3.3.1, a Customer has ticket access that should only be available to an Agent (e.g., read internal data, split, or merge).

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/zammad/zammad/commit/6e56aee25439b7a3211a6704a9d60453ad623ae4 https://zammad.com/news/security-advisory-zaa-2020-13