PT-2023-15552 · Zammad · Zammad

Dominik Büttner

Published

2023-02-03

Updated

2025-03-26

CVE-2022-48021

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Zammad version 5.3.0

Description A vulnerability allows attackers to execute arbitrary code or escalate privileges via a crafted message sent to the server.

Recommendations For Zammad version 5.3.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-48021

Affected Products

Zammad

PT-2023-15552 · Zammad · Zammad

CVE-2022-48021

Related Identifiers

Affected Products

References · 5