5 matches found
Zabbix 6.0.x < 6.0.41 / 7.0.x < 7.0.17 / 7.2.x < 7.2.11 Information Disclosure (ZBX-27060)
The version of Zabbix Server installed on the remote host is affected by a vulnerability. A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access...
SUSE CVE-2025-27236
A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...
CVE-2025-27236
A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...
CVE-2025-27236
creationtimestamp| type| source ---|---|--- 2025-10-03 12:05:05+00:00| seen| Telegram/sPoXaszX-C6zYkPm8wyFahJvYxqt81rWs5VPcIj0fISpvQc...
CVE-2025-27236 User information disclosure via api_jsonrpc.php on method user.get with param search
A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...