Lucene search
HistoryMay 08, 2014 - 2:29 p.m.
CVE-2014-1682
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.9%
The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request.
Affected configurations
Node
zabbixzabbixRange≤1.8.19
ORzabbixzabbixMatch1.8
ORzabbixzabbixMatch1.8.1
ORzabbixzabbixMatch1.8.2
ORzabbixzabbixMatch1.8.3rc1
ORzabbixzabbixMatch1.8.3rc2
ORzabbixzabbixMatch1.8.3rc3
ORzabbixzabbixMatch1.8.15rc1
ORzabbixzabbixMatch1.8.16
ORzabbixzabbixMatch1.8.18
ORzabbixzabbixMatch2.0.0
ORzabbixzabbixMatch2.0.0rc1
ORzabbixzabbixMatch2.0.0rc2
ORzabbixzabbixMatch2.0.0rc3
ORzabbixzabbixMatch2.0.0rc4
ORzabbixzabbixMatch2.0.0rc5
ORzabbixzabbixMatch2.0.0rc6
ORzabbixzabbixMatch2.0.1
ORzabbixzabbixMatch2.0.1rc1
ORzabbixzabbixMatch2.0.1rc2
ORzabbixzabbixMatch2.0.2
ORzabbixzabbixMatch2.0.2rc1
ORzabbixzabbixMatch2.0.2rc2
ORzabbixzabbixMatch2.0.3
ORzabbixzabbixMatch2.0.3rc1
ORzabbixzabbixMatch2.0.3rc2
ORzabbixzabbixMatch2.0.4
ORzabbixzabbixMatch2.0.4rc1
ORzabbixzabbixMatch2.0.5
ORzabbixzabbixMatch2.0.5rc1
ORzabbixzabbixMatch2.0.6
ORzabbixzabbixMatch2.0.6rc1
ORzabbixzabbixMatch2.0.7rc1
ORzabbixzabbixMatch2.0.8rc1
ORzabbixzabbixMatch2.0.8rc2
ORzabbixzabbixMatch2.0.9rc1
ORzabbixzabbixMatch2.0.9rc2
ORzabbixzabbixMatch2.0.10rc1
ORzabbixzabbixMatch2.2.0-
ORzabbixzabbixMatch2.2.0rc1
ORzabbixzabbixMatch2.2.0rc2
ORzabbixzabbixMatch2.2.1
ORzabbixzabbixMatch2.2.1-
ORzabbixzabbixMatch2.2.1rc1
ORfedoraprojectfedoraMatch19
ORfedoraprojectfedoraMatch20
Related
ubuntucve
ubuntucve
CVE-2014-1682
2014-05-08 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-05-08 14:29:00
cve
cve
CVE-2014-1682
2014-05-08 14:29:14
cvelist
cvelist
CVE-2014-1682
2014-05-08 14:00:00
debiancve
debiancve
CVE-2014-1682
2014-05-08 14:29:14
nessus
nessus
Fedora 20 : zabbix-2.0.11-3.fc20 (2014-5540)
2014-05-02 00:00:00
Zabbix < 1.8.20 / 2.0.11 / 2.2.2 Multiple Vulnerabilities
2014-03-03 00:00:00
Fedora 19 : zabbix-2.0.11-3.fc19 (2014-5551)
2014-05-02 00:00:00
mageia
mageia
Updated zabbix packages fix multiple vulnerabilities
2014-02-26 01:31:27
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0095)
2022-01-28 00:00:00
Fedora Update for zabbix FEDORA-2014-5540
2014-05-05 00:00:00
Fedora Update for zabbix FEDORA-2014-5540
2014-05-05 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: zabbix-2.0.11-3.fc20
2014-05-01 22:21:14
[SECURITY] Fedora 19 Update: zabbix-2.0.11-3.fc19
2014-05-01 22:20:47
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.9%
Related for NVD:CVE-2014-1682