Znuny Generic Interface Ticket Metadata Update Permission Vulnerability

Vulnerability

A vulnerability exists in Znuny versions prior to 7.1.4, where permissions are not properly validated when the Generic Interface is used to modify ticket metadata. This flaw allows ticket attributes to be altered without the necessary authorization.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in ticket metadata, potentially allowing users to manipulate ticket attributes inappropriately.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

0.6

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

0.6

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Znuny Generic Interface Ticket Metadata Update Permission Vulnerability

Vulnerability

Impact

Affected Products

Znuny

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating