Описание
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 1:6.0.29+dfsg-1 |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | not-affected | code not present |
| focal | ignored | end of standard support, was needed |
| jammy | needed | |
| lunar | ignored | end of life, was needs-triage |
Показывать по
10
EPSS
Процентиль: 60%
0.004
Низкий
6.8 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.8
nvd
больше 1 года назад
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.
CVSS3: 6.8
debian
больше 1 года назад
An attacker who has the privilege to configure Zabbix items can use fu ...
CVSS3: 7.2
fstec
больше 1 года назад
Уязвимость функции icmpping универсальной системы мониторинга Zabbix, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 60%
0.004
Низкий
6.8 Medium
CVSS3