Lucene search

PRIOn knowledge basePRION:CVE-2023-29451

HistoryJul 13, 2023 - 10:15 a.m.

Buffer overflow

2023-07-1310:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.0005 Low

EPSS

Percentile

14.1%

JSON

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy.

CPENameOperatorVersion
zabbixeq6.4.0 rc2
zabbixeq6.4.0 rc3
zabbixeq6.4.0 rc4
zabbixeq6.4.0 beta1
zabbixeq6.4.0 beta2
zabbixeq6.4.0 beta3
zabbixeq6.4.0 beta4
zabbixeq6.4.0 beta5
zabbixeq6.4.0 beta6
zabbixeq6.4.0 alpha1

Name	Operator	Version
zabbix	eq	6.4.0 rc2
zabbix	eq	6.4.0 rc3
zabbix	eq	6.4.0 rc4
zabbix	eq	6.4.0 beta1
zabbix	eq	6.4.0 beta2
zabbix	eq	6.4.0 beta3
zabbix	eq	6.4.0 beta4
zabbix	eq	6.4.0 beta5
zabbix	eq	6.4.0 beta6
zabbix	eq	6.4.0 alpha1

Rows per page:

1-10 of 131

References

lists.debian.org/debian-lts-announce/2023/08/msg00027.html

support.zabbix.com/browse/ZBX-22587

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.0005 Low

EPSS

Percentile

14.1%

JSON

Related for PRION:CVE-2023-29451