CVE-2023-50455

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 10, 2023
Updated: Dec 13, 2023
CWE ID 770

Summary

CVE-2023-50455 is a high-severity vulnerability that affects Zammad before version 6.2.0. This vulnerability is related to a lack of rate limiting in the "email address verification" feature, allowing an attacker to send numerous requests for a known address, leading to a Denial of Service (DoS) attack by generating a large number of emails and spamming the victim. The affected products include versions t9y8e4, t9y8e5, and t9y8e3. To remediate this vulnerability, it is recommended to update Zammad to version 6.2.0 or later. This vulnerability poses a significant danger to organizations as it can disrupt email communication systems and potentially overload mail servers, impacting business operations and causing inconvenience or financial losses.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-50455 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options