CVE-2024-33666

HIGH Year: 2024
CVSS v3 Score
8.6
High
Weakness Type
CWE-284
View all →

Vulnerability Description

An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have accessed time accounting details of this ticket via the API. This data should be available only to agents.

Related Vulnerabilities

CVE-2016-10124

HIGH
CVSS:8.6(High)

An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push ch...

CWE-2842016

CVE-2016-5574

HIGH
CVSS:8.6(High)

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and avai...

CWE-2842016

CVE-2016-5577

HIGH
CVSS:8.6(High)

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and avai...

CWE-2842016

CVE-2016-5578

HIGH
CVSS:8.6(High)

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and avai...

CWE-2842016

CVE-2016-5579

HIGH
CVSS:8.6(High)

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and avai...

CWE-2842016

CVE-2016-5588

HIGH
CVSS:8.6(High)

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and avai...

CWE-2842016