[ZBX-12074] Security vulnerability findings - ZABBIX SUPPORT

XML

Word

Printable

Details

Type: Incident report
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.20
Fix Version/s: None
Component/s: Server (S)
Labels:
None
Environment:
Zabbix 2.4

Team:
Team C
Sprint:
Sprint 4, Sprint 5
Story Points:
0

Description

These vulnerabilities were discovered by Lilith Wyatt, Cisco Systems.
Findings are related to Zabbix version 2.4.
If reproducible on current version please fix.
Patch for 2.4 version is out of scope.

Attachments

Sub-Tasks

Progress

1.	Bug 1. Zabbix Server Remote Code Execution ( CVSS: 10, SIR: Critical )		Closed	Unassigned
2.	Bug 2. Active Zabbix Proxy MITM Database Overwrite (CVSS 6.8: SIR: High)		Closed	Unassigned

Activity

People

Assignee:: Unassigned

Reporter:: Rostislav Palivoda

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2017 Mar 22 14:42

Updated:: 2017 May 30 17:51

Resolved:: 2017 Apr 12 09:52