Aqua Vulnerability Database
Get Demo
Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities
CVE-2016-4427
Published:
Jul 28, 2022
| Modified:
Aug 04, 2022
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVD
https://nvd.nist.gov/vuln/detail/CVE-2016-4427
CWE
https://cwe.mitre.org/data/definitions/.html
In zulip before 1.3.12, deactivated users could access messages if SSO was enabled.
Affected Software
Name
Vendor
Start Version
End Version
Zulip
Zulip
*
1.3.12 (excluding)
References
https://zulip.readthedocs.io/en/2.1.7/overview/changelog.html#id35
Aqua Container Security