Описание
Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- ExploitPatch
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1Версия до 1.8.18 (включая)
Одно из
cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:2.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01469
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
ubuntu
около 12 лет назад
Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter.
debian
около 12 лет назад
Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 ...
github
больше 3 лет назад
Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter.
EPSS
Процентиль: 81%
0.01469
Низкий
7.5 High
CVSS2
Дефекты
CWE-94