VYPR
Unrated severityNVD Advisory· Published Aug 8, 2022· Updated Aug 3, 2024

CVE-2022-35488

CVE-2022-35488

Description

In Zammad 5.2.0, an attacker could manipulate the rate limiting in the 'forgot password' feature of Zammad, and thereby send many requests for a known account to cause Denial Of Service by many generated emails which would also spam the victim.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zammad/Zammadcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: =5.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.