CVSS: 9.9EPSS: 82%CPEs: 3EXPL: 15CVE-2024-42327 – SQL injection in user.get API
https://notcve.org/view.php?id=CVE-2024-42327
27 Nov 2024 — A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is available for every user who has API access. Una cuenta de usuario que no sea administrador en la interfaz de Zabbix con el rol de usuario predeterminado o con cualquier otro rol que proporcione acceso a la API puede aprove... • https://packetstorm.news/files/id/183055 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42326 – Use after free vulnerability in browser.c
https://notcve.org/view.php?id=CVE-2024-42326
27 Nov 2024 — There was discovered a use after free bug in browser.c in the es_browser_get_variant function Se descubrió un error de use after free en browser.c en la función es_browser_get_variant • https://support.zabbix.com/browse/ZBX-25622 • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36463
https://notcve.org/view.php?id=CVE-2024-36463
26 Nov 2024 — The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects. • https://support.zabbix.com/browse/ZBX-25611 • CWE-767: Access to Critical Private Variable via Public Method •
CVSS: 2.2EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22117 – Value of sysmap_element_url can be de-synchronized causing the map element to crash when new URLs is added
https://notcve.org/view.php?id=CVE-2024-22117
26 Nov 2024 — When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding sysmapelementurlid + 1. This action prevents others from adding URLs to the map element. • https://support.zabbix.com/browse/ZBX-25610 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2024-22119 – Stored XSS in graph items select form
https://notcve.org/view.php?id=CVE-2024-22119
09 Feb 2024 — The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section. La causa de la vulnerabilidad es la validación inadecuada del campo de entrada del formulario "Nombre" en la página Gráfico en la sección Elementos. • https://lists.debian.org/debian-lts-announce/2024/04/msg00020.html • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-32728 – Code injection in zabbix_agent2 smart.disk.get caused by smartctl plugin
https://notcve.org/view.php?id=CVE-2023-32728
18 Dec 2023 — The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution. La clave del elemento Zabbix Agent 2 smart.disk.get no sanitiza sus parámetros antes de pasarlos a un comando de shell, lo que resulta en una posible vulnerabilidad de ejecución remota de código. • https://support.zabbix.com/browse/ZBX-23858 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-32727 – Code execution vulnerability in icmpping
https://notcve.org/view.php?id=CVE-2023-32727
18 Dec 2023 — An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server. Un atacante que tiene el privilegio de configurar elementos de Zabbix puede usar la función icmpping() con un comando malicioso adicional dentro para ejecutar código arbitrario en el servidor Zabbix actual. • https://support.zabbix.com/browse/ZBX-23857 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-32726 – Possible buffer overread from reading DNS responses
https://notcve.org/view.php?id=CVE-2023-32726
18 Dec 2023 — The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server. La vulnerabilidad se debe a una verificación incorrecta de si RDLENGTH no desborda el búfer en respuesta del servidor DNS. • https://lists.debian.org/debian-lts-announce/2024/01/msg00012.html • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2023-32725 – Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.
https://notcve.org/view.php?id=CVE-2023-32725
18 Dec 2023 — The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user. El sitio web configurado en el widget de la URL recibirá una cookie de sesión al probar o ejecutar informes programados. La cookie de sesión recibida se puede utilizar para acceder a la interfaz como usuario particular. • https://support.zabbix.com/browse/ZBX-23854 • CWE-565: Reliance on Cookies without Validation and Integrity Checking •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-32724 – JavaScript engine memory pointers are directly available for Zabbix users for modification
https://notcve.org/view.php?id=CVE-2023-32724
12 Oct 2023 — Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation. El puntero de memoria está en una propiedad del objeto Ducktape. Esto conduce a múltiples vulnerabilidades relacionadas con el acceso directo y la manipulación de la memoria. • https://support.zabbix.com/browse/ZBX-23391 • CWE-732: Incorrect Permission Assignment for Critical Resource •