VYPR
Unrated severityNVD Advisory· Published Aug 8, 2022· Updated Aug 3, 2024

CVE-2022-35490

CVE-2022-35490

Description

Zammad 5.2.0 is vulnerable to privilege escalation. Zammad has a prevention against brute-force attacks trying to guess login credentials. After a configurable amount of attempts, users are invalidated and logins prevented. An attacker might work around this prevention, enabling them to send more than the configured amount of requests before the user invalidation takes place.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zammad/Zammadcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 5.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.