3 matches found
Zabbix 6.0.x < 6.0.41 / 7.0.x < 7.0.17 / 7.2.x < 7.2.11 Information Disclosure (ZBX-27060)
The version of Zabbix Server installed on the remote host is affected by a vulnerability. A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access...
SUSE CVE-2025-27236
A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...
CVE-2025-27236 User information disclosure via api_jsonrpc.php on method user.get with param search
A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...