CVE-2022-29700

High

A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of…

mitre·CWE-521·Published 2022-04-27

CVSS

7.5

EPSS

0.01

KEV

Exploits

cve.orgen

178 chars

A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification.

NVDen

178 chars

A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification.

NVDes

233 chars

Una falta de restricción de la longitud de las contraseñas en Zammad versión v5.1.0, permite la creación de contraseñas extremadamente largas que pueden causar una Denegación de Servicio (DoS) durante la verificación de la contraseña

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H