ZABBIX Server — свободная система мониторинга статусов разнообразных сервисов компьютерной сети, серверов и сетевого оборудования

Релизный цикл, информация об уязвимостях

Продукт: ZABBIX Server

Вендор: zabbix

График релизов

Недавние уязвимости ZABBIX Server

Количество 8

openSUSE-SU-2023:0419-1

больше 1 года назад

Security update for zabbix

EPSS: Низкий

openSUSE-SU-2023:0418-1

больше 1 года назад

Security update for zabbix

EPSS: Низкий

CVE-2023-32727

больше 1 года назад

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

CVSS3: 6.8

EPSS: Низкий

CVE-2023-32727

больше 1 года назад

An attacker who has the privilege to configure Zabbix items can use fu ...

CVSS3: 6.8

EPSS: Низкий

CVE-2023-32725

больше 1 года назад

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.

CVSS3: 9.6

EPSS: Низкий

CVE-2023-32725

больше 1 года назад

The website configured in the URL widget will receive a session cookie ...

CVSS3: 9.6

EPSS: Низкий

CVE-2023-32727

больше 1 года назад

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

CVSS3: 6.8

EPSS: Низкий

CVE-2023-32725

больше 1 года назад

CVSS3: 9.6

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
openSUSE-SU-2023:0419-1 Security update for zabbix		0% Низкий	больше 1 года назад
openSUSE-SU-2023:0418-1 Security update for zabbix		0% Низкий	больше 1 года назад
CVE-2023-32727 An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.	CVSS3: 6.8	0% Низкий	больше 1 года назад
CVE-2023-32727 An attacker who has the privilege to configure Zabbix items can use fu ...	CVSS3: 6.8	0% Низкий	больше 1 года назад
CVE-2023-32725 The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.	CVSS3: 9.6	0% Низкий	больше 1 года назад
CVE-2023-32725 The website configured in the URL widget will receive a session cookie ...	CVSS3: 9.6	0% Низкий	больше 1 года назад
CVE-2023-32727 An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.	CVSS3: 6.8	0% Низкий	больше 1 года назад
CVE-2023-32725 The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.	CVSS3: 9.6	0% Низкий	больше 1 года назад

Уязвимостей на страницу