Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-29449

Опубликовано: 13 июл. 2023
Источник: nvd
CVSS3: 5.9
CVSS3: 4.9
EPSS Низкий

Описание

JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*
Версия до 5.0.31 (включая)
cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*
Версия от 6.0.0 (включая) до 6.0.13 (включая)
cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*
Версия от 6.4.1 (включая) до 6.4.4 (включая)
cpe:2.3:a:zabbix:zabbix:6.4.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:6.4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:6.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:6.4.0:beta3:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:6.4.0:beta4:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:6.4.0:beta5:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:6.4.0:beta6:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:6.4.0:rc2:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:6.4.0:rc3:*:*:*:*:*:*
cpe:2.3:a:zabbix:zabbix:6.4.0:rc4:*:*:*:*:*:*

EPSS

Процентиль: 73%
0.00755
Низкий

5.9 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-400
CWE-770

Связанные уязвимости

ubuntu логотип

CVE-2023-29449

CVSS3: 5.9
ubuntu
больше 2 лет назад

JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access.

debian логотип

CVE-2023-29449

CVSS3: 5.9
debian
больше 2 лет назад

JavaScript preprocessing, webhooks and global scripts can cause uncont ...

github логотип

GHSA-7q7m-r84j-6pm2

CVSS3: 5.9
github
больше 2 лет назад

JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access.

fstec логотип

BDU:2024-06939

CVSS3: 4.9
fstec
около 3 лет назад

Уязвимость универсальной системы мониторинга Zabbix, связанная с выделением неограниченной памяти, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 73%
0.00755
Низкий

5.9 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-400
CWE-770