Zabbix Security Vulnerabilities and Issues — Zabbix CVE List

Lucene search

ZabbixZabbix

5 matches found

CVE•added 2019/08/17 6:15 p.m.•281 views

CVE-2019-15132

Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of ...

5.3CVSS5.8AI score0.00412EPSS

CVE•added 2019/10/09 2:15 p.m.•141 views

CVE-2019-17382

An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboar...

9.1CVSS9AI score0.9355EPSS

CVE•added 2019/12/11 7:15 p.m.•88 views

CVE-2013-5743

Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.

9.8CVSS9.9AI score0.82373EPSS

CVE•added 2019/02/17 4:29 p.m.•64 views

CVE-2016-10742

Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.

6.1CVSS6.6AI score0.00421EPSS

CVE•added 2019/11/30 2:15 a.m.•56 views

CVE-2013-7484

Zabbix before 5.0 represents passwords in the users table with unsalted MD5.

7.5CVSS7.9AI score0.00212EPSS