Search criteria
6 vulnerabilities found for zabbix_server by zabbix
FKIE_CVE-2023-32725
Vulnerability from fkie_nvd - Published: 2023-12-18 10:15 - Updated: 2024-11-21 08:03
Severity ?
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.
References
| URL | Tags | ||
|---|---|---|---|
| security@zabbix.com | https://support.zabbix.com/browse/ZBX-23854 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.zabbix.com/browse/ZBX-23854 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zabbix | zabbix_server | * | |
| zabbix | zabbix_server | * | |
| zabbix | zabbix_server | 7.0.0 | |
| zabbix | zabbix_server | 7.0.0 | |
| zabbix | zabbix_server | 7.0.0 | |
| zabbix | frontend | * | |
| zabbix | frontend | * | |
| zabbix | frontend | 7.0.0 | |
| zabbix | frontend | 7.0.0 | |
| zabbix | frontend | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F99748EE-AE9C-4210-ABCD-10A5E6E7E58E",
"versionEndIncluding": "6.0.21",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86A23392-9192-4CCA-BC7C-C4EEFB2C2B97",
"versionEndIncluding": "6.4.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:7.0.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "0DC55403-7711-4719-A309-2616586ED479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:7.0.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "1BB0DFCF-6ED3-4BA3-8B3F-D1F6D06A08DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:7.0.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "0B17E6DD-0DA4-4002-B2D2-C16EED6C97BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A064CA46-1D9A-434E-B099-B3477BA2D14D",
"versionEndIncluding": "6.0.21",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD82A00A-587E-4C1F-80CC-474A4A1D4A07",
"versionEndIncluding": "6.4.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:frontend:7.0.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "40AB0231-C1C8-4D97-96B7-E293DD7250A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:frontend:7.0.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "9E5DF882-2A9F-4881-A0F7-FFC804B65495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:frontend:7.0.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "79886648-EEC0-44B3-8788-2F0A65B1FB1A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user."
},
{
"lang": "es",
"value": "El sitio web configurado en el widget de la URL recibir\u00e1 una cookie de sesi\u00f3n al probar o ejecutar informes programados. La cookie de sesi\u00f3n recibida se puede utilizar para acceder a la interfaz como usuario particular."
}
],
"id": "CVE-2023-32725",
"lastModified": "2024-11-21T08:03:55.217",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0,
"source": "security@zabbix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-18T10:15:06.550",
"references": [
{
"source": "security@zabbix.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.zabbix.com/browse/ZBX-23854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.zabbix.com/browse/ZBX-23854"
}
],
"sourceIdentifier": "security@zabbix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-565"
}
],
"source": "security@zabbix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-565"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-32727
Vulnerability from fkie_nvd - Published: 2023-12-18 10:15 - Updated: 2025-11-03 22:16
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zabbix | zabbix_server | * | |
| zabbix | zabbix_server | * | |
| zabbix | zabbix_server | * | |
| zabbix | zabbix_server | * | |
| zabbix | zabbix_server | 7.0.0 | |
| zabbix | zabbix_server | 7.0.0 | |
| zabbix | zabbix_server | 7.0.0 | |
| zabbix | zabbix_server | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7513ABE2-B8AD-4E25-8EE5-29F07902B696",
"versionEndIncluding": "4.0.49",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBBB16D3-006C-4EBF-9C10-D25158E606DD",
"versionEndIncluding": "5.0.38",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C79F088A-4743-4EBC-BF6F-5B7842CB21BB",
"versionEndIncluding": "6.0.22",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C048503B-E983-455E-9D4F-F0FA6E0D32F5",
"versionEndIncluding": "6.4.7",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:7.0.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "0DC55403-7711-4719-A309-2616586ED479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:7.0.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "1BB0DFCF-6ED3-4BA3-8B3F-D1F6D06A08DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:7.0.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "0B17E6DD-0DA4-4002-B2D2-C16EED6C97BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zabbix:zabbix_server:7.0.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "3358B565-5049-4373-9529-2F70F2F50AEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server."
},
{
"lang": "es",
"value": "Un atacante que tiene el privilegio de configurar elementos de Zabbix puede usar la funci\u00f3n icmpping() con un comando malicioso adicional dentro para ejecutar c\u00f3digo arbitrario en el servidor Zabbix actual."
}
],
"id": "CVE-2023-32727",
"lastModified": "2025-11-03T22:16:22.293",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "security@zabbix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-18T10:15:06.937",
"references": [
{
"source": "security@zabbix.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.zabbix.com/browse/ZBX-23857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.zabbix.com/browse/ZBX-23857"
}
],
"sourceIdentifier": "security@zabbix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security@zabbix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-32727 (GCVE-0-2023-32727)
Vulnerability from cvelistv5 – Published: 2023-12-18 09:18 – Updated: 2025-11-03 21:48
VLAI?
Summary
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.
Severity ?
6.8 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Credits
This vulnerability is reported in HackerOne bounty hunter platform by Philippe Antoine (catenacyber)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:48:41.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-23857"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00000.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32727",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T20:37:31.853611Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T20:37:43.796Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Server"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "4.0.50",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.0.49",
"status": "affected",
"version": "4.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "5.0.39",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.38",
"status": "affected",
"version": "5.0.0 ",
"versionType": "git"
},
{
"changes": [
{
"at": "6.0.23rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.22",
"status": "affected",
"version": "6.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.4.8rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.7",
"status": "affected",
"version": "6.4.0",
"versionType": "git"
},
{
"changes": [
{
"at": "7.0.0alpha7",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.0.0alpha6",
"status": "affected",
"version": "7.0.0alpha1",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "This vulnerability is reported in HackerOne bounty hunter platform by Philippe Antoine (catenacyber)"
}
],
"datePublic": "2023-11-06T12:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server."
}
],
"value": "An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T09:18:48.446Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-23857"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Code execution vulnerability in icmpping",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-32727",
"datePublished": "2023-12-18T09:18:48.446Z",
"dateReserved": "2023-05-11T21:25:43.368Z",
"dateUpdated": "2025-11-03T21:48:41.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-32725 (GCVE-0-2023-32725)
Vulnerability from cvelistv5 – Published: 2023-12-18 09:15 – Updated: 2024-08-02 15:25
VLAI?
Summary
The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.
Severity ?
9.6 (Critical)
CWE
- CWE-565 - Reliance on Cookies without Validation and Integrity Checking
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-23854"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Server",
"Web service"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "6.0.22rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.21",
"status": "affected",
"version": "6.0.0 ",
"versionType": "git"
},
{
"changes": [
{
"at": "6.4.7rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.6",
"status": "affected",
"version": "6.4.0",
"versionType": "git"
},
{
"changes": [
{
"at": "7.0.0alpha4",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.0.0alpha3",
"status": "affected",
"version": "7.0.0alpha1 ",
"versionType": "git"
}
]
}
],
"datePublic": "2023-11-06T08:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user."
}
],
"value": "The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
},
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-565",
"description": "CWE-565 Reliance on Cookies without Validation and Integrity Checking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T09:15:23.931Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-23854"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-32725",
"datePublished": "2023-12-18T09:15:23.931Z",
"dateReserved": "2023-05-11T21:25:43.368Z",
"dateUpdated": "2024-08-02T15:25:36.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32727 (GCVE-0-2023-32727)
Vulnerability from nvd – Published: 2023-12-18 09:18 – Updated: 2025-11-03 21:48
VLAI?
Summary
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.
Severity ?
6.8 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Credits
This vulnerability is reported in HackerOne bounty hunter platform by Philippe Antoine (catenacyber)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:48:41.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-23857"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00000.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32727",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T20:37:31.853611Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T20:37:43.796Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Server"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "4.0.50",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.0.49",
"status": "affected",
"version": "4.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "5.0.39",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.38",
"status": "affected",
"version": "5.0.0 ",
"versionType": "git"
},
{
"changes": [
{
"at": "6.0.23rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.22",
"status": "affected",
"version": "6.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.4.8rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.7",
"status": "affected",
"version": "6.4.0",
"versionType": "git"
},
{
"changes": [
{
"at": "7.0.0alpha7",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.0.0alpha6",
"status": "affected",
"version": "7.0.0alpha1",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "This vulnerability is reported in HackerOne bounty hunter platform by Philippe Antoine (catenacyber)"
}
],
"datePublic": "2023-11-06T12:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server."
}
],
"value": "An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T09:18:48.446Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-23857"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Code execution vulnerability in icmpping",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-32727",
"datePublished": "2023-12-18T09:18:48.446Z",
"dateReserved": "2023-05-11T21:25:43.368Z",
"dateUpdated": "2025-11-03T21:48:41.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-32725 (GCVE-0-2023-32725)
Vulnerability from nvd – Published: 2023-12-18 09:15 – Updated: 2024-08-02 15:25
VLAI?
Summary
The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.
Severity ?
9.6 (Critical)
CWE
- CWE-565 - Reliance on Cookies without Validation and Integrity Checking
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-23854"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Server",
"Web service"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "6.0.22rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.21",
"status": "affected",
"version": "6.0.0 ",
"versionType": "git"
},
{
"changes": [
{
"at": "6.4.7rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.6",
"status": "affected",
"version": "6.4.0",
"versionType": "git"
},
{
"changes": [
{
"at": "7.0.0alpha4",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.0.0alpha3",
"status": "affected",
"version": "7.0.0alpha1 ",
"versionType": "git"
}
]
}
],
"datePublic": "2023-11-06T08:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user."
}
],
"value": "The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
},
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-565",
"description": "CWE-565 Reliance on Cookies without Validation and Integrity Checking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T09:15:23.931Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-23854"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-32725",
"datePublished": "2023-12-18T09:15:23.931Z",
"dateReserved": "2023-05-11T21:25:43.368Z",
"dateUpdated": "2024-08-02T15:25:36.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}