Lucene search
HistoryOct 12, 2023 - 7:15 a.m.
CVE-2023-32723
cve-2023-32723
ldap request
user permissions
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.2%
Request to LDAP is sent before user permissions are checked.
Affected configurations
Node
zabbixzabbixRange4.0.0–4.0.19
ORzabbixzabbixRange4.4.0–4.4.7
ORzabbixzabbixMatch4.0.19rc1
ORzabbixzabbixMatch4.4.7rc1
ORzabbixzabbixMatch5.0.0alpha3
Related
cve
cve
CVE-2023-32723
2023-10-12 07:15:10
cvelist
cvelist
prion
prion
Cross site request forgery (csrf)
2023-10-12 07:15:00
osv
osv
CVE-2023-32723
2023-10-12 07:15:10
zabbix - security update
2024-01-24 00:00:00
ubuntucve
ubuntucve
CVE-2023-32723
2023-10-12 00:00:00
debiancve
debiancve
CVE-2023-32723
2023-10-12 07:15:10
debian
debian
[SECURITY] [DLA 3717-1] zabbix security update
2024-01-24 21:16:11
openvas
openvas
Debian: Security Advisory (DLA-3717-1)
2024-01-25 00:00:00
nessus
nessus
Debian dla-3717 : zabbix-agent - security update
2024-01-24 00:00:00
redos
redos
ROS-20240329-23
2024-03-29 00:00:00
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.2%
Related for NVD:CVE-2023-32723