Количество 9
Количество 9
GHSA-phjj-9p2g-26h9
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attack requires an SNMP item to be configured as text on the target host.
CVE-2024-42332
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attack requires an SNMP item to be configured as text on the target host.
CVE-2024-42332
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attack requires an SNMP item to be configured as text on the target host.
CVE-2024-42332
The researcher is showing that due to the way the SNMP trap log is par ...
BDU:2024-10773
Уязвимость демона snmptrapd универсальной системы мониторинга Zabbix, позволяющая нарушителю осуществить подмену пользовательского интерфейса
ROS-20250326-08
Множественные уязвимости zabbix7-lts-server-pgsql
ROS-20250326-07
Множественные уязвимости zabbix7-lts-server-mysql
ROS-20250110-06
Множественные уязвимости zabbix-server-pgsql
ROS-20250110-05
Множественные уязвимости zabbix-server-mysql
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-phjj-9p2g-26h9 The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attack requires an SNMP item to be configured as text on the target host. | CVSS3: 3.7 | 0% Низкий | 7 месяцев назад |
 | CVE-2024-42332 The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attack requires an SNMP item to be configured as text on the target host. | CVSS3: 3.7 | 0% Низкий | 7 месяцев назад |
 | CVE-2024-42332 The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attack requires an SNMP item to be configured as text on the target host. | CVSS3: 3.7 | 0% Низкий | 7 месяцев назад |
| CVE-2024-42332 The researcher is showing that due to the way the SNMP trap log is par ... | CVSS3: 3.7 | 0% Низкий | 7 месяцев назад |
 | BDU:2024-10773 Уязвимость демона snmptrapd универсальной системы мониторинга Zabbix, позволяющая нарушителю осуществить подмену пользовательского интерфейса | CVSS3: 3.7 | 0% Низкий | 7 месяцев назад |
 | ROS-20250326-08 Множественные уязвимости zabbix7-lts-server-pgsql | CVSS3: 9.1 | 3 месяца назад | |
| ROS-20250326-07 Множественные уязвимости zabbix7-lts-server-mysql | CVSS3: 9.1 | 3 месяца назад | |
| ROS-20250110-06 Множественные уязвимости zabbix-server-pgsql | CVSS3: 9.1 | 5 месяцев назад | |
| ROS-20250110-05 Множественные уязвимости zabbix-server-mysql | CVSS3: 9.1 | 5 месяцев назад |
Уязвимостей на страницу