Zabbix Exposure
Category: Miscellaneous
Exposure score: 23
Sites using it: 4
In exploitation: 0
Critical: 9
CVEs
70 results
CVE-2024-36466 | HIGH | Unauthenticated Zabbix frontend takeover when SSO is being used | EPSS 0.7%
CVE-2024-36467 | HIGH | Authentication privilege escalation via user groups due to missing authorization checks | EPSS 0.7%
CVE-2023-32722 | CRITICAL | Stack-buffer Overflow in library module zbxjson | EPSS 0.7%
CVE-2023-32726 | LOW | Possible buffer overread from reading DNS responses | EPSS 0.7%
CVE-2023-29451 | MEDIUM | Denial of service caused by a bug in the JSON parser | EPSS 0.7%
CVE-2024-22119 | MEDIUM | Stored XSS in graph items select form | EPSS 0.7%
CVE-2023-29458 | MEDIUM | Duktape 2.6 bug crashes JavaScript putting too many values in valstack. | EPSS 0.6%
CVE-2024-42332 | LOW | New line injection in Zabbix SNMP traps | EPSS 0.6%
CVE-2024-42333 | LOW | Heap buffer over-read | EPSS 0.6%
CVE-2024-36460 | HIGH | Front-end audit log shows passwords in plaintext | EPSS 0.6%
CVE-2023-32721 | HIGH | Stored XSS in Maps element | EPSS 0.6%
CVE-2023-32724 | CRITICAL | JavaScript engine memory pointers are directly available for Zabbix users for modification | EPSS 0.6%
CVE-2024-22114 | MEDIUM | System Information Widget in Global View Dashboard exposes information about Hosts to Users without Permission | EPSS 0.6%
CVE-2024-22123 | LOW | Zabbix Arbitrary File Read | EPSS 0.6%
CVE-2023-32723 | HIGH | Inefficient permission check in class CControllerAuthenticationUpdate | EPSS 0.6%
CVE-2023-29455 | MEDIUM | Reflected XSS in several fields of graph form | EPSS 0.6%
CVE-2024-36464 | LOW | Media Types: Office365, SMTP passwords are unencrypted and visible in plaintext when exported | EPSS 0.5%
CVE-2023-29457 | MEDIUM | Insufficient validation of Action form input fields | EPSS 0.5%
CVE-2024-36468 | LOW | Stack buffer overflow in zbx_snmp_cache_handle_engineid | EPSS 0.5%
CVE-2024-22117 | LOW | Value of sysmap_element_url can be de-synchronized causing the map element to crash when new URLs is added | EPSS 0.5%