Zammad
cpe:2.3:a:zammad:zammad:*:*:*:*:*:*:*
- ~6.4
A server-side request forgery (SSRF) vulnerability has been identified in Zammad versions 6.4.x prior to 6.4.2. It is exploitable by authenticated admin users through the webhook functionality. When a webhook endpoint returns a redirect, Zammad automatically follows it with a GET request. An attacker could use this to send GET requests to internal resources, such as those on the local network.
Exploitation of this vulnerability could lead to unauthorized GET requests being sent to internal network resources, potentially allowing an attacker to access or manipulate sensitive information or services.
Users are advised to upgrade to Zammad version 6.5.0 or 6.4.2. Fixed releases are available on the Zammad website or via the Zammad FTP site. Users with Zammad installed through an operating system package manager can simply update their installation.
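The advisory above describes the general failure mode: an HTTP client that follows webhook redirects without re-checking where the redirect points. The Ruby below is an added illustration of the defensive pattern, not Zammad's code or its actual fix: every hop, the original URL and each redirect target, is resolved and checked against private, loopback and link-local ranges before any request is sent, the connection is pinned to the address that passed the check, and the redirect chain is capped. The resolver and transport are injectable (the `resolver:` and `transport:` parameters, `BLOCKED_RANGES`, `public_addresses` and `deliver_webhook` are all names chosen here), so the check can be exercised offline; the host names and the 203.0.113.x / 198.51.100.x addresses in the usage are constructed documentation-range samples standing in for public hosts.

```ruby
require "net/http"
require "uri"
require "ipaddr"
require "resolv"

# Destinations a webhook delivery must never reach: loopback, RFC 1918,
# link-local (which covers cloud metadata endpoints), CGNAT, and the IPv6
# equivalents. Extend this to match the deployment's own address plan.
BLOCKED_RANGES = %w[
  0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16
  172.16.0.0/12 192.168.0.0/16 ::/128 ::1/128 fc00::/7 fe80::/10
].map { |cidr| IPAddr.new(cidr) }.freeze

class UnsafeDestination < StandardError; end
class TooManyRedirects < StandardError; end

# Real DNS lookup; injectable so the logic can be run without network access.
DEFAULT_RESOLVER = ->(host) { Resolv.getaddresses(host) }

# Returns the addresses the URI resolves to if every one of them is public,
# otherwise nil. Hostnames, IPv4/IPv6 literals and IPv4-mapped IPv6 are all
# reduced to plain addresses before the range check.
def public_addresses(uri, resolver: DEFAULT_RESOLVER)
  return nil unless %w[http https].include?(uri.scheme)
  host = uri.hostname
  return nil if host.nil? || host.empty?
  addrs = begin
    [IPAddr.new(host)]                              # literal address
  rescue IPAddr::InvalidAddressError
    resolver.call(host).map { |a| IPAddr.new(a) }   # hostname: check every record
  end
  addrs = addrs.map { |a| a.ipv4_mapped? ? a.native : a }
  return nil if addrs.empty?
  return nil if addrs.any? { |a| BLOCKED_RANGES.any? { |r| r.include?(a) } }
  addrs
end

# Real HTTP transport. The socket is pinned to the address that was just
# validated (Net::HTTP#ipaddr), so the DNS answer cannot change between the
# check and the connect; TLS verification still uses the hostname.
# body == nil means GET, otherwise a JSON POST.
DEFAULT_TRANSPORT = lambda do |uri, ip, body|
  Net::HTTP.start(uri.hostname, uri.port, ipaddr: ip.to_s,
                  use_ssl: uri.scheme == "https",
                  open_timeout: 5, read_timeout: 5) do |http|
    req = if body
            Net::HTTP::Post.new(uri.request_uri, "Content-Type" => "application/json")
          else
            Net::HTTP::Get.new(uri.request_uri)
          end
    req.body = body if body
    http.request(req)
  end
end

# POSTs the payload to the webhook URL and follows at most max_redirects
# hops, re-validating the target of every hop before anything is sent.
# Redirect hops are issued as GET, the behaviour the advisory describes, but
# only to destinations that passed the same check as the original URL.
def deliver_webhook(url, payload, max_redirects: 3,
                    resolver: DEFAULT_RESOLVER, transport: DEFAULT_TRANSPORT)
  uri = URI.parse(url)
  body = payload
  hops = 0
  loop do
    addrs = public_addresses(uri, resolver: resolver)
    raise UnsafeDestination, "refusing to contact #{uri}" if addrs.nil?
    response = transport.call(uri, addrs.first, body)
    return response unless response.is_a?(Net::HTTPRedirection)
    hops += 1
    raise TooManyRedirects, "more than #{max_redirects} redirects" if hops > max_redirects
    location = response["location"]
    raise UnsafeDestination, "redirect without Location from #{uri}" if location.nil?
    uri = uri.merge(location)   # also resolves relative Location values
    body = nil                  # subsequent hops are GET
  end
end
```

The important property is that the check runs on the redirect target before the follow-up GET, not only on the URL the administrator configured; a denylist of ranges is the minimum, and deployments that know their webhook consumers can replace it with an allowlist of hosts. Delivery logs should record each hop that was refused, since a redirect to a private address from a configured webhook endpoint is itself worth an alert.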