3 matches found
Vulnerability fixed in Zabbix
A vulnerability has been fixed in Zabbix. The vulnerability is in how the CUser class handles the addRelatedObjects function. This could allow non-administrators with API access to perform an SQL injection, which could lead to unauthorized access to sensitive data. The vulnerability could enable...
UBUNTU-CVE-2024-42327
A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is availabl...
Zabbix SQL注入漏洞
Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A SQL injection vulnerability exists in Zabbix versions 6.0.0 through 6.0.31, 6.4.0 through 6.4.16, and 7.0.0. The vulnerability stems fr...