Authentication Bypass Vulnerability in Zammad

Authentication Bypass Vulnerability in Zammad

CVE-2017-5619 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attackers can login with the hashed password itself (e.g., from the DB) instead of the valid password string.

Learn more about our Web Application Penetration Testing UK.