Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27331

April 27, 2022, 3:15 a.m. |

National Vulnerability Database nist.gov

An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users.

cve

Information Systems Security Officer (ISSO)

@ Spry Methods | Denver, CO

Client Manager - Cybersecurity - Nashville Enterprise

@ Optiv | Nashville, TN

Threat Analyst | Remote, USA

@ Optiv | Minneapolis, MN

Senior Cyber Security SME

@ Node.Digital | Dulles, Virginia, United States

Junior Security Engineer, Applications

@ BetterHelp | Mountain View, California, United States

Information Security Analyst II

@ SOPHiA GENETICS | Lausanne, Vaud, Switzerland

Product Security Engineer

@ Elastic | United States

Senior Network Exploitation Analyst

@ Barbaricum | Washington, DC

Junior Security Engineer, Blue Team

@ BetterHelp | Mountain View, California, United States

Security Analyst, Security Operations (Threat Hunting, Operations, and Response)

@ GitHub | Remote - US

Security Engineer III - Information Security, Active Directory

@ Riot Games, Inc. | Los Angeles, USA

Staff Security Engineer, Application Security

@ Lyft | Mexico City, Mexico