The Zabbix server and proxy, when performing SSH simple checks via the ssh.run[] item employing keys, do not perform the validation and verification of the target peer, which allows for the prospect of a malicious actor on the network to impersonate the target machine and successfully intercept the traffic transported over the secure channel.

A properly designed and performed attack can carry out the theft of information transparently to the monitoring system.

This change requires adding extra steps to the session establishing part of the code for the server/proxy and possibly adding some code to the frontend, if customization is required by the user.

All versions of Zabbix that provide SSH checks are affected.