Zabbix up to 5.0.43/6.0.33/6.4.18/7.0.3 sysmapelementurlid denial of service

Summaryinfo

A vulnerability marked as problematic has been reported in Zabbix up to 5.0.43/6.0.33/6.4.18/7.0.3. This impacts an unknown function. Performing a manipulation of the argument sysmapelementurlid results in denial of service. This vulnerability is known as CVE-2024-22117. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.

Detailsinfo

A vulnerability, which was classified as problematic, was found in Zabbix up to 5.0.43/6.0.33/6.4.18/7.0.3. This affects an unknown code. The manipulation of the argument sysmapelementurlid with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. This is going to have an impact on availability. The summary by CVE is:

When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding sysmapelementurlid + 1. This action prevents others from adding URLs to the map element.

The advisory is shared at support.zabbix.com. This vulnerability is uniquely identified as CVE-2024-22117 since 01/05/2024. The exploitability is told to be difficult. It is possible to initiate the attack remotely. The exploitation requires an enhanced level of successful authentication. Technical details are known, but no exploit is available. MITRE ATT&CK project uses the attack technique T1499 for this issue.

The vulnerability scanner Nessus provides a plugin with the ID 239993 (TencentOS Server 4: zabbix (TSSA-2024:1129)), which helps to determine the existence of the flaw in a target environment.

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at Tenable (239993). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Type

• Network Management Software

Name

• Zabbix

Version

• 5.0.0
• 5.0.1
• 5.0.2
• 5.0.3
• 5.0.4
• 5.0.5
• 5.0.6
• 5.0.7
• 5.0.8
• 5.0.9
• 5.0.10
• 5.0.11
• 5.0.12
• 5.0.13
• 5.0.14
• 5.0.15
• 5.0.16
• 5.0.17
• 5.0.18
• 5.0.19
• 5.0.20
• 5.0.21
• 5.0.22
• 5.0.23
• 5.0.24
• 5.0.25
• 5.0.26
• 5.0.27
• 5.0.28
• 5.0.29
• 5.0.30
• 5.0.31
• 5.0.32
• 5.0.33
• 5.0.34
• 5.0.35
• 5.0.36
• 5.0.37
• 5.0.38
• 5.0.39
• 5.0.40
• 5.0.41
• 5.0.42
• 5.0.43
• 6.0.0
• 6.0.1
• 6.0.2
• 6.0.3
• 6.0.4
• 6.0.5
• 6.0.6
• 6.0.7
• 6.0.8
• 6.0.9
• 6.0.10
• 6.0.11
• 6.0.12
• 6.0.13
• 6.0.14
• 6.0.15
• 6.0.16
• 6.0.17
• 6.0.18
• 6.0.19
• 6.0.20
• 6.0.21
• 6.0.22
• 6.0.23
• 6.0.24
• 6.0.25
• 6.0.26
• 6.0.27
• 6.0.28
• 6.0.29
• 6.0.30
• 6.0.31
• 6.0.32
• 6.0.33
• 6.4.0
• 6.4.1
• 6.4.2
• 6.4.3
• 6.4.4
• 6.4.5
• 6.4.6
• 6.4.7
• 6.4.8
• 6.4.9
• 6.4.10
• 6.4.11
• 6.4.12
• 6.4.13
• 6.4.14
• 6.4.15
• 6.4.16
• 6.4.17
• 6.4.18
• 7.0.0
• 7.0.1
• 7.0.2
• 7.0.3

License

• open-source

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion