Zabbix up to 5.0.42/6.0.32/6.4.17/7.0.1rc1 API Endpoint improper authorization

Summaryinfo

A vulnerability identified as critical has been detected in Zabbix up to 5.0.42/6.0.32/6.4.17/7.0.1rc1. This affects an unknown function of the component API Endpoint. Performing a manipulation results in improper authorization. This vulnerability is cataloged as CVE-2024-36467. It is possible to initiate the attack remotely. There is no exploit available.

Detailsinfo

A vulnerability, which was classified as critical, was found in Zabbix up to 5.0.42/6.0.32/6.4.17/7.0.1rc1. This affects some unknown functionality of the component API Endpoint. The manipulation with an unknown input leads to a improper authorization vulnerability. CWE is classifying the issue as CWE-285. The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. This is going to have an impact on integrity. The summary by CVE is:

An authenticated user with API access (e.g.: user with default User role), more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group (e.g.: Zabbix Administrators), except to groups that are disabled or having restricted GUI access.

It is possible to read the advisory at support.zabbix.com. This vulnerability is uniquely identified as CVE-2024-36467 since 05/28/2024. The exploitability is told to be easy. It is possible to initiate the attack remotely. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1548.002 according to MITRE ATT&CK.

The vulnerability scanner Nessus provides a plugin with the ID 239993 (TencentOS Server 4: zabbix (TSSA-2024:1129)), which helps to determine the existence of the flaw in a target environment.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The vulnerability is also documented in the vulnerability database at Tenable (239993). Be aware that VulDB is the high quality source for vulnerability data.

Productinfo

Type

• Network Management Software

Name

• Zabbix

Version

• 5.0.0
• 5.0.1
• 5.0.2
• 5.0.3
• 5.0.4
• 5.0.5
• 5.0.6
• 5.0.7
• 5.0.8
• 5.0.9
• 5.0.10
• 5.0.11
• 5.0.12
• 5.0.13
• 5.0.14
• 5.0.15
• 5.0.16
• 5.0.17
• 5.0.18
• 5.0.19
• 5.0.20
• 5.0.21
• 5.0.22
• 5.0.23
• 5.0.24
• 5.0.25
• 5.0.26
• 5.0.27
• 5.0.28
• 5.0.29
• 5.0.30
• 5.0.31
• 5.0.32
• 5.0.33
• 5.0.34
• 5.0.35
• 5.0.36
• 5.0.37
• 5.0.38
• 5.0.39
• 5.0.40
• 5.0.41
• 5.0.42
• 6.0.0
• 6.0.1
• 6.0.2
• 6.0.3
• 6.0.4
• 6.0.5
• 6.0.6
• 6.0.7
• 6.0.8
• 6.0.9
• 6.0.10
• 6.0.11
• 6.0.12
• 6.0.13
• 6.0.14
• 6.0.15
• 6.0.16
• 6.0.17
• 6.0.18
• 6.0.19
• 6.0.20
• 6.0.21
• 6.0.22
• 6.0.23
• 6.0.24
• 6.0.25
• 6.0.26
• 6.0.27
• 6.0.28
• 6.0.29
• 6.0.30
• 6.0.31
• 6.0.32
• 6.4.0
• 6.4.1
• 6.4.2
• 6.4.3
• 6.4.4
• 6.4.5
• 6.4.6
• 6.4.7
• 6.4.8
• 6.4.9
• 6.4.10
• 6.4.11
• 6.4.12
• 6.4.13
• 6.4.14
• 6.4.15
• 6.4.16
• 6.4.17
• 7.0.1rc1

License

• open-source

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion