Lucene search
PRIOn knowledge basePRION:CVE-2017-2825HistoryApr 20, 2018 - 9:29 p.m.
Design/Logic Flaw
2018-04-2021:29:00
PRIOn knowledge base
www.prio-n.com
5
In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between an active Zabbix proxy and Server to trigger this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 8.0 | |
| debian_linux | eq | 9.0 | |
| zabbix | ge | 2.4.0 | |
| zabbix | le | 2.4.8 |
Related
cvelist
cvelist
CVE-2017-2825
2018-04-20 00:00:00
talos
talos
Zabbix Proxy Server SQL Database Write Vulnerability
2017-04-27 00:00:00
seebug
seebug
Zabbix Proxy Server SQL Database Write Vulnerability (CVE-2017-2825)
2017-04-28 00:00:00
ubuntucve
ubuntucve
CVE-2017-2825
2018-04-20 00:00:00
debiancve
debiancve
CVE-2017-2825
2018-04-20 21:29:00
cve
cve
CVE-2017-2825
2018-04-20 21:29:00
nvd
nvd
CVE-2017-2825
2018-04-20 21:29:00
openvas
openvas
Zabbix Multiple Vulnerabilities (CVE-2017-2824, CVE-2017-2825)
2017-04-28 00:00:00
Debian: Security Advisory (DSA-3937-1)
2017-08-11 00:00:00
Ubuntu: Security Advisory (USN-4767-1)
2023-01-27 00:00:00
osv
osv
zabbix - security update
2017-08-12 00:00:00
zabbix vulnerabilities
2022-06-15 08:28:18
debian
debian
[SECURITY] [DSA 3937-1] zabbix security update
2017-08-12 00:23:57
nessus
nessus
Zabbix 2.0.x < 2.0.21 / 2.2.x < 2.2.18 / 3.0.x < 3.0.9 / 3.2.x < 3.2.5 Multiple Vulnerabilities
2017-06-05 00:00:00
Debian DSA-3937-1 : zabbix - security update
2017-08-14 00:00:00
ubuntu
ubuntu
Zabbix vulnerabilities
2022-06-15 00:00:00