Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-2311-1:2A274
HistoryAug 03, 2020 - 3:05 p.m.

[SECURITY] [DLA 2311-1] zabbix security update

2020-08-0315:05:45
lists.debian.org
8

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.081 Low

EPSS

Percentile

94.2%

JSON

Debian LTS Advisory DLA-2311-1 [email protected]
https://www.debian.org/lts/security/ Chris Lamb
August 3, 2020 https://wiki.debian.org/LTS

Package : zabbix
Version : 1:3.0.7+dfsg-3+deb9u1
CVE ID : CVE-2020-15803
Debian Bug : #966146

It was discovered that there was a potential cross-site scripting
vulnerability via iframe HTML elements in Zabbix, a PHP-based
monitoring system.

For Debian 9 "Stretch", this problem has been fixed in version
1:3.0.7+dfsg-3+deb9u1.

We recommend that you upgrade your zabbix packages.

For the detailed security status of zabbix please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/zabbix

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian9armhfzabbix-server-pgsql< 1:3.0.7+dfsg-3+deb9u1zabbix-server-pgsql_1:3.0.7+dfsg-3+deb9u1_armhf.deb
Debian10armhfzabbix-server-mysql< 1:4.0.4+dfsg-1+deb10u1zabbix-server-mysql_1:4.0.4+dfsg-1+deb10u1_armhf.deb
Debian10arm64zabbix-proxy-pgsql< 1:4.0.4+dfsg-1+deb10u1zabbix-proxy-pgsql_1:4.0.4+dfsg-1+deb10u1_arm64.deb
Debian9armhfzabbix-server-mysql< 1:3.0.32+dfsg-0+deb9u1zabbix-server-mysql_1:3.0.32+dfsg-0+deb9u1_armhf.deb
Debian10arm64zabbix-server-pgsql< 1:4.0.4+dfsg-1+deb10u1zabbix-server-pgsql_1:4.0.4+dfsg-1+deb10u1_arm64.deb
Debian9armelzabbix-server-mysql< 1:3.0.32+dfsg-0+deb9u1zabbix-server-mysql_1:3.0.32+dfsg-0+deb9u1_armel.deb
Debian10amd64zabbix-proxy-sqlite3< 1:4.0.4+dfsg-1+deb10u1zabbix-proxy-sqlite3_1:4.0.4+dfsg-1+deb10u1_amd64.deb
Debian9armhfzabbix-proxy-sqlite3< 1:3.0.7+dfsg-3+deb9u1zabbix-proxy-sqlite3_1:3.0.7+dfsg-3+deb9u1_armhf.deb
Debian10amd64zabbix-agent< 1:4.0.4+dfsg-1+deb10u1zabbix-agent_1:4.0.4+dfsg-1+deb10u1_amd64.deb
Debian9i386zabbix-proxy-sqlite3< 1:3.0.7+dfsg-3+deb9u1zabbix-proxy-sqlite3_1:3.0.7+dfsg-3+deb9u1_i386.deb
Rows per page:
1-10 of 931

Related

ubuntucve 1
packetstorm 1
openvas 9
nessus 9
debiancve 1
fedora 2
osv 5
prion 1
cve 1
exploitdb 1
suse 3
debian 3
ubuntu 1
ubuntucve
ubuntucve
CVE-2020-15803
2020-07-17 00:00:00
packetstorm
packetstorm
Zabbix 5.0.0 Cross Site Scripting
2020-12-04 00:00:00
openvas
openvas
Fedora: Security Advisory for zabbix (FEDORA-2020-02cf7850ca)
2020-07-31 00:00:00
Debian: Security Advisory (DLA-2311-1)
2020-08-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:2251-1)
2021-04-19 00:00:00
nessus
nessus
Fedora 32 : 1:zabbix (2020-02cf7850ca)
2020-07-30 00:00:00
SUSE SLES12 Security Update : zabbix (SUSE-SU-2020:2251-1)
2020-08-18 00:00:00
Fedora 31 : 1:zabbix (2020-519516feec)
2020-07-30 00:00:00
debiancve
debiancve
CVE-2020-15803
2020-07-17 03:15:00
fedora
fedora
[SECURITY] Fedora 32 Update: zabbix-4.0.22-1.fc32
2020-07-30 17:53:43
[SECURITY] Fedora 31 Update: zabbix-4.0.22-1.fc31
2020-07-28 15:03:33
osv
osv
CVE-2020-15803
2020-07-17 03:15:11
zabbix - security update
2020-08-03 00:00:00
zabbix - security update
2021-04-21 00:00:00
prion
prion
Design/Logic Flaw
2020-07-17 03:15:00
cve
cve
CVE-2020-15803
2020-07-17 03:15:00
exploitdb
exploitdb
Zabbix 5.0.0 - Stored XSS via URL Widget Iframe
2020-12-04 00:00:00
suse
suse
Security update for zabbix (moderate)
2020-10-04 00:00:00
Security update for zabbix (moderate)
2022-02-16 00:00:00
Security update for MozillaThunderbird (important)
2022-03-01 00:00:00
debian
debian
[SECURITY] [DLA 2631-1] zabbix security update
2021-04-21 14:41:32
[SECURITY] [DLA 3390-1] zabbix security update
2023-04-12 13:46:20
[SECURITY] [DLA 3390-1] zabbix security update
2023-04-12 13:36:51
ubuntu
ubuntu
Zabbix vulnerabilities
2022-06-15 00:00:00

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.081 Low

EPSS

Percentile

94.2%

JSON
Related for DEBIAN:DLA-2311-1:2A274
ubuntucve1packetstorm1openvas9nessus9debiancve1fedora2osv5prion1cve1exploitdb1suse3debian3ubuntu1