Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-32725 | 1 Zabbix | 2 Frontend, Zabbix Server | 2024-02-05 | N/A | 8.8 HIGH |
The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user. | |||||
CVE-2023-32727 | 1 Zabbix | 1 Zabbix Server | 2024-02-05 | N/A | 7.2 HIGH |
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server. |