CVE-2023-32727

Опубликовано: 18 дек. 2023

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 6.8

Описание

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

Релиз	Статус	Примечание
bionic	ignored	end of standard support
devel	not-affected	1:6.0.29+dfsg-1
esm-apps/bionic	not-affected	code not present
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	not-affected	code not present
focal	ignored	end of standard support, was needed
jammy	needed
lunar	ignored	end of life, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 64%

0.00464

Низкий

6.8 Medium

CVSS3

Связанные уязвимости

CVE-2023-32727

CVSS3: 6.8

nvd

около 2 лет назад

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

CVE-2023-32727

CVSS3: 6.8

debian

около 2 лет назад

An attacker who has the privilege to configure Zabbix items can use fu ...

openSUSE-SU-2023:0419-1

suse-cvrf

почти 2 года назад

Security update for zabbix

openSUSE-SU-2023:0418-1

suse-cvrf

почти 2 года назад

Security update for zabbix

GHSA-8h32-vcmm-pcx8

CVSS3: 7.2

github

почти 2 года назад

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

EPSS

Процентиль: 64%

0.00464

Низкий

6.8 Medium

CVSS3

CVE-2023-32727

Описание

Пакет zabbix

Ссылки на источники

Связанные уязвимости