First published: Thu Oct 07 2021
An issue was discovered in Zammad before 4.1.1. An attacker with valid agent credentials may send a series of crafted requests that cause an endless loop and thus cause denial of service.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zammad Zammad | <4.1.1 | |
CVE-2021-42084 is a vulnerability in Zammad before version 4.1.1 that allows an attacker with valid agent credentials to cause a denial of service (DoS) by creating an endless loop.
CVE-2021-42084 affects Zammad versions prior to 4.1.1 and can be exploited by an attacker who has valid agent credentials.
The severity of CVE-2021-42084 is medium (CVSS score of 6.5).
An attacker with valid agent credentials can exploit CVE-2021-42084 by sending a series of crafted requests that cause an endless loop.
To fix CVE-2021-42084, you need to update Zammad to version 4.1.1 or later.