Unrated severityNVD Advisory· Published Aug 8, 2022· Updated Aug 3, 2024
CVE-2022-35490
CVE-2022-35490
Description
Zammad 5.2.0 is vulnerable to privilege escalation. Zammad has a prevention against brute-force attacks trying to guess login credentials. After a configurable amount of attempts, users are invalidated and logins prevented. An attacker might work around this prevention, enabling them to send more than the configured amount of requests before the user invalidation takes place.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- zammad.com/de/advisories/zaa-2022-07mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.