Security vulnerability findings

XMLWordPrintable

    • Type: Incident report
    • Resolution: Fixed
    • Priority: Major
    • None
    • Affects Version/s: 2.0.20
    • Component/s: Server (S)
    • None
    • Environment:
      Zabbix 2.4
    • Sprint 4, Sprint 5
    • 0

      These vulnerabilities were discovered by Lilith Wyatt, Cisco Systems.
      Findings are related to Zabbix version 2.4.
      If reproducible on current version please fix.
      Patch for 2.4 version is out of scope.

        1.
        		 Bug 1. Zabbix Server Remote Code Execution ( CVSS: 10, SIR: Critical ) Sub-task Closed Unassigned
        2.
        		 Bug 2. Active Zabbix Proxy MITM Database Overwrite (CVSS 6.8: SIR: High) Sub-task Closed Unassigned

            Assignee:
            Unassigned
            Reporter:
            Rostislav Palivoda (Inactive)
            Team C
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: