Lucene search
HistoryMay 08, 2014 - 2:29 p.m.
CVE-2014-1682
zabbix
api
remote access
user authentication
security vulnerability
cve-2014-1682
8.8 High
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
53.7%
The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request.
Related
cvelist
cvelist
CVE-2014-1682
2014-05-08 14:00:00
prion
prion
Cross site request forgery (csrf)
2014-05-08 14:29:00
ubuntucve
ubuntucve
CVE-2014-1682
2014-05-08 00:00:00
debiancve
debiancve
CVE-2014-1682
2014-05-08 14:29:00
nessus
nessus
Fedora 19 : zabbix-2.0.11-3.fc19 (2014-5551)
2014-05-02 00:00:00
Fedora 20 : zabbix-2.0.11-3.fc20 (2014-5540)
2014-05-02 00:00:00
Zabbix < 1.8.20 / 2.0.11 / 2.2.2 Multiple Vulnerabilities
2014-03-03 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0095)
2022-01-28 00:00:00
Fedora Update for zabbix FEDORA-2014-5540
2014-05-05 00:00:00
Fedora Update for zabbix FEDORA-2014-5540
2014-05-05 00:00:00
mageia
mageia
Updated zabbix packages fix multiple vulnerabilities
2014-02-26 01:31:27
fedora
fedora
[SECURITY] Fedora 20 Update: zabbix-2.0.11-3.fc20
2014-05-01 22:21:14
[SECURITY] Fedora 19 Update: zabbix-2.0.11-3.fc19
2014-05-01 22:20:47
8.8 High
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
53.7%
Related for CVE-2014-1682