CVE-2024-49193

Name of the Vulnerable Software and Affected Versions Zendesk versions prior to 2024-07-02

Description The issue is related to improper authorization in Zendesk, allowing remote attackers to read ticket history via e-mail spoofing. This is because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, with an insufficient mechanism for detecting spoofed e-mail messages. The support e-mail addresses associated with individual tickets are also predictable. An attacker can view the entire ticket's history, gaining access to sensitive data, by knowing the support email and ticket id.

Recommendations For versions prior to 2024-07-02, upgrade the affected component immediately to prevent potential remote exploits. As a temporary workaround, consider restricting access to the email handler to minimize the risk of exploitation. Avoid using predictable support email addresses associated with individual tickets until the issue is resolved.