CVE-2020-26028
First published: Mon Dec 28 2020(Updated: )
An issue was discovered in Zammad before 3.4.1. Admin Users without a ticket.* permission can access Tickets.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zammad Zammad | >=1.0.0<3.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the ID of the vulnerability in Zammad?
The ID of the vulnerability in Zammad is CVE-2020-26028.
What is the severity of CVE-2020-26028?
The severity of CVE-2020-26028 is medium (4.9).
What is the description of CVE-2020-26028?
CVE-2020-26028 is an issue in Zammad before 3.4.1 where admin users without a ticket.* permission can access tickets.
How can the vulnerability in Zammad be fixed?
To fix the vulnerability in Zammad, it is recommended to update to version 3.4.1 or higher.
Where can I find more information about CVE-2020-26028?
More information about CVE-2020-26028 can be found at the following link: https://zammad.com/news/security-advisory-zaa-2020-19
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/type
- agent/tags
- agent/description
- agent/event
- vendor/zammad
- canonical/zammad zammad
- version/zammad zammad/1.0.0