ZABBIX Server — свободная система мониторинга статусов разнообразных сервисов компьютерной сети, серверов и сетевого оборудования

Релизный цикл, информация об уязвимостях

Продукт: ZABBIX Server

Вендор: zabbix

График релизов

Недавние уязвимости ZABBIX Server

Количество 9

openSUSE-SU-2023:0419-1

почти 2 года назад

Security update for zabbix

EPSS: Низкий

openSUSE-SU-2023:0418-1

почти 2 года назад

Security update for zabbix

EPSS: Низкий

GHSA-8h32-vcmm-pcx8

почти 2 года назад

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

CVSS3: 7.2

EPSS: Низкий

CVE-2023-32727

около 2 лет назад

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

CVSS3: 6.8

EPSS: Низкий

CVE-2023-32727

около 2 лет назад

An attacker who has the privilege to configure Zabbix items can use fu ...

CVSS3: 6.8

EPSS: Низкий

CVE-2023-32725

около 2 лет назад

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.

CVSS3: 9.6

EPSS: Низкий

CVE-2023-32725

около 2 лет назад

The website configured in the URL widget will receive a session cookie ...

CVSS3: 9.6

EPSS: Низкий

CVE-2023-32725

около 2 лет назад

CVSS3: 9.6

EPSS: Низкий

CVE-2023-32727

около 2 лет назад

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

CVSS3: 6.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
openSUSE-SU-2023:0419-1 Security update for zabbix		0% Низкий	почти 2 года назад
openSUSE-SU-2023:0418-1 Security update for zabbix		0% Низкий	почти 2 года назад
GHSA-8h32-vcmm-pcx8 An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.	CVSS3: 7.2	0% Низкий	почти 2 года назад
CVE-2023-32727 An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.	CVSS3: 6.8	0% Низкий	около 2 лет назад
CVE-2023-32727 An attacker who has the privilege to configure Zabbix items can use fu ...	CVSS3: 6.8	0% Низкий	около 2 лет назад
CVE-2023-32725 The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.	CVSS3: 9.6	0% Низкий	около 2 лет назад
CVE-2023-32725 The website configured in the URL widget will receive a session cookie ...	CVSS3: 9.6	0% Низкий	около 2 лет назад
CVE-2023-32725 The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.	CVSS3: 9.6	0% Низкий	около 2 лет назад
CVE-2023-32727 An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.	CVSS3: 6.8	0% Низкий	около 2 лет назад

Уязвимостей на страницу