Unauthenticated Zabbix frontend takeover when SSO is being used (CVE-2024-36466)

XMLWordPrintable

      A bug in the code allows an attacker to sign a forged zbx_session cookie, which then allows them to sign in with admin permissions.

            Assignee:
            Zabbix Support Team
            Reporter:
            Vjaceslavs Bogdanovs
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: