Format string

2017-03-1306:59:00

PRIOn knowledge base

www.prio-n.com

9.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.2%

JSON

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attackers can login with the hashed password itself (e.g., from the DB) instead of the valid password string.

CPENameOperatorVersion
zammadeq1.1.0
zammadeq1.1.1
zammadeq1.2.0
zammadle1.0.3
zammadeq1.1.2

Name	Operator	Version
zammad	eq	1.1.0
zammad	eq	1.1.1
zammad	eq	1.2.0
zammad	le	1.0.3
zammad	eq	1.1.2

References

www.securityfocus.com/bid/96937

zammad.com/de/news/security-advisory-zaa-2017-01