ROS-20240910-06

Published: 2024-09-10 00:00:00
Source: redos.red-soft.ru
Tags: zabbix, vulnerability, code execution, resource exhaustion, password exposure, javascript engine, denial of service, permission retention, audit log, sms, at commands, remote execution, sensitive information, unix

CVSS3: 9.1
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H

AI Score: 8.1
Confidence: Low

A vulnerability in the Zabbix universal monitoring system is related to improper control of code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code.

A vulnerability in the Zabbix universal monitoring system is related to the ability to directly modify memory pointers in the JavaScript engine. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code.

A vulnerability in the Zabbix universal monitoring system is related to the ability to launch a test SMS by providing a specially crafted phone number, and execute additional AT commands on a modem. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code.

A vulnerability in the Zabbix universal monitoring system is related to the use of excessive resources without proper limitation or control. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

A vulnerability in the Zabbix universal monitoring system is related to improper permission retention. Exploitation of the vulnerability could allow an attacker to affect the integrity and availability of the application.

A vulnerability in the Zabbix universal monitoring system is related to the ability to view unprotected passwords in the audit log, where passwords are displayed as plain text. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive information.

OS      OS version   Architecture   Package   Package version   Filename
redos   7.3          x86_64         zabbix    < 6.4.18-1        UNKNOWN
