Lucene search

K
redosRedosROS-20240329-23
HistoryMar 29, 2024 - 12:00 a.m.

ROS-20240329-23

2024-03-2900:00:00
redos.red-soft.ru
3
zabbix
monitoring system
input validation
buffer boundaries
code execution
permissions
vulnerability
remote attacker
cross-site scripting
unix

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.8%

The vulnerability in the interface of Zabbix universal monitoring system is related to insufficient input data validation when processing the URL field of Maps element.
data when processing the URL field of the Maps element. Exploitation of the vulnerability could allow an attacker,
acting remotely, to conduct cross-site scripted attacks

Vulnerability in the zabbix/src/libs/zbxjson module of the Zabbix universal monitoring system is related to an operation exceeding the buffer boundaries.
operation out of buffer boundaries. Exploitation of the vulnerability could allow a remote attacker,
execute arbitrary code

Vulnerability of Zabbix universal monitoring system agent is related to incorrect control of code generation.
code generation. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code.
code

Vulnerability of the Zabbix Universal Monitoring System agent is related to incorrect assignment of permissions for a critical resource.
critical resource. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64zabbix-lts-agent<= 6.0.24-3UNKNOWN

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.8%