Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-3840

Path Disclosure Vulnerability

    XMLWordPrintable

Details

    • Incident report
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • None
    • 1.8.6
    • Frontend (F)
    • None
    • All

    Description

      By changing the request parameter to something invalid an error message is produced disclosing the location/path of the zabbix install.

      This is an information leakage / path disclosure vulnerability....not a huge deal but should be fixed time permitting.

      Attachments

        Issue Links

          is duplicated by

          Incident report - Incident report ZBX-4668 Path disclosure vulnerability when use API

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              Unassigned Unassigned
              infosec01 Damian Tommasino
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: