2024-05-19 19:36:21
mitre
PUBLISHED
In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on the server to modify the gems files, injecting arbitrary code into Zammad processes (which run with the environment and permissions of the Zammad user).