Executive Summary

CVE-2026-34837 is a moderate severity vulnerability in Zammad version 7.0.0, fixed in 7.0.1. It involves a missing authorization check in the REST endpoint POST /api/v1/ai_assistance/text_tools/:id. Specifically, context data such as group or organization information used in AI prompts are not verified for accessibility by the current user.

This means that users with the ticket.agent permission can include unauthorized context data in AI prompts, potentially exposing sensitive information that they should not have access to.

The vulnerability is classified as a Missing Authorization (CWE-862) and can be exploited remotely with low complexity and no user interaction.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to unauthorized exposure of sensitive context data in AI prompts within the Zammad helpdesk system.

Users with ticket.agent permissions might gain access to group or organization data that they are not authorized to see, which could result in information disclosure.

However, the vulnerability does not impact data integrity or system availability.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves a missing authorization check in the REST endpoint POST /api/v1/ai_assistance/text_tools/:id in Zammad versions prior to 7.0.1. Detection would involve monitoring or testing this specific API endpoint to see if unauthorized context data is accessible or included in AI prompts.

One approach to detect this vulnerability is to perform an authorized request to the endpoint as a user with ticket.agent permissions and verify if context data (such as group or organization information) that should be restricted is accessible or included without proper authorization checks.

Suggested commands might include using curl or similar HTTP clients to send POST requests to the endpoint and inspect the responses for unauthorized data exposure. For example:

• curl -X POST -H "Authorization: Bearer <agent_token>" https://<zammad-server>/api/v1/ai_assistance/text_tools/<id> -d '{}'
• Analyze the response to check if context data related to groups or organizations not authorized for the user is present.

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation step is to upgrade Zammad to version 7.0.1 or later, where this authorization failure has been fixed.

Until the upgrade can be applied, restrict access to users with ticket.agent permissions and monitor usage of the AI assistance endpoint to minimize exposure.

Additionally, review and limit permissions for users who can access the AI assistance features to reduce the risk of unauthorized data exposure.

Useful 0 Not Useful 0

Compliance Impact

This vulnerability allows users with ticket.agent permissions to include unauthorized context data, such as group or organization information, in AI prompts without proper authorization checks.

Such unauthorized exposure of sensitive or protected data could potentially lead to non-compliance with data protection regulations like GDPR or HIPAA, which require strict controls on access to personal or sensitive information.

Although the impact on confidentiality is considered low and there is no effect on data integrity or availability, the failure to properly restrict access to context data may violate principles of least privilege and data minimization mandated by these standards.

Useful 0 Not Useful 0