Zabbix up to 1.8.20/2.0.12/2.2.4/2.3.1 XML Data XML Request xml external entity reference

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, was found in Zabbix up to 1.8.20/2.0.12/2.2.4/2.3.1 (Network Management Software). Affected is an unknown part of the component XML Data Handler. Upgrading to version 1.8.21rc1, 2.0.13rc1, 2.2.5rc1 or 2.3.2 eliminates this vulnerability. A possible mitigation has been published before and not just after the disclosure of the vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1087391502/02/2021VulD...cvss2_nvd_basescore7.5nist.gov02/02/2021accepted90
1087391402/02/2021VulD...price_0day$0-$5ksee documentation02/02/2021accepted90
1087391302/02/2021VulD...person_namepnig0ssecurityfocus.com02/02/2021accepted70
753149907/30/2020VulD...date1403308800 (06/21/2014)07/30/2020accepted100
753145407/30/2020VulD...discoverydate140296320007/30/2020accepted100
753152702/02/2018VulD...cvss3_nvd_basescore9.8nist.gov02/02/2018accepted90
753152602/02/2018VulD...0day_days402/02/2018accepted90
753152502/02/2018VulD...cvss3_vuldb_rcX02/02/2018accepted90
753152402/02/2018VulD...cvss3_vuldb_rlO02/02/2018accepted90
753152302/02/2018VulD...cvss3_vuldb_eX02/02/2018accepted90
753152202/02/2018VulD...cvss2_vuldb_rcND02/02/2018accepted90
753152102/02/2018VulD...cvss2_vuldb_rlOF02/02/2018accepted90
753152002/02/2018VulD...cvss2_vuldb_eND02/02/2018accepted90
753151902/02/2018VulD...openvas_familyFedora Local Security Checks02/02/2018accepted100
753151802/02/2018VulD...openvas_titleFedora Update for zabbix FEDORA-2014-760302/02/2018accepted100
753151702/02/2018VulD...openvas_filenamegb_fedora_2014_7603_zabbix_fc19.nasl02/02/2018accepted100
753151602/02/2018VulD...openvas_id86777302/02/2018accepted100
753151502/02/2018VulD...nessus_date1404172800 (07/01/2014)tenable.com02/02/2018accepted100
753151402/02/2018VulD...nessus_typelocaltenable.com02/02/2018accepted100
753151302/02/2018VulD...nessus_familyFedora Local Security Checkstenable.com02/02/2018accepted100

Do you know our Splunk app?

Download it now for free!