2 matches found
CVE-2017-5619
An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attackers can login with the hashed password itself e.g., from the DB instead of the valid password string...
CVE-2017-5619
CVE-2017-5619 affects Zammad prior to 1.0.4, 1.1.x prior to 1.1.3, and 1.2.x prior to 1.2.1. The vulnerability allows an attacker to authenticate by using a hashed password retrieved from the database instead of a valid password string, effectively bypassing normal authentication. The available c...