CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H
AI Score
Confidence
Low
A vulnerability in the Zabbix universal monitoring system is related to improper code generation controls.
Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code
Zabbix universal monitoring system vulnerability is related to the ability to directly modify memory pointers in JavaScript engine.
memory pointers in the JavaScript engine. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code
Zabbix universal monitoring system vulnerability is related to the ability to launch a test SMS by providing a specially crafted phone number and execute arbitrary code.
a specially crafted phone number, and execute additional AT commands on a modem. Exploitation of the
of the vulnerability could allow an attacker acting remotely to execute arbitrary code
A vulnerability in the Zabbix universal monitoring system is related to the use of excessive resources without proper limitation or control.
properly restricted or controlled. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
remotely to cause a denial of service
A vulnerability in the Zabbix Universal Monitoring System is related to improper permission retention.
Exploitation of the vulnerability could allow an attacker to affect the integrity and availability of the
application
Zabbix Universal Monitoring System vulnerability is related to the ability to view unprotected text passwords in the audit log.
text passwords in the audit log, where passwords are displayed as plain text. Exploitation
of the vulnerability could allow a remote attacker to gain access to sensitive information.
information