
We found results for “”
CVE-2024-42325
Good to know:

Date: April 2, 2025
Zabbix API user.get returns all users that share common group with the calling user. This includes media and other information, such as login attempts, etc.
Severity Score
Severity Score
Weakness Type (CWE)
Exposure of Private Personal Information to an Unauthorized Actor
CWE-359Top Fix

Upgrade Version
Upgrade to version https://github.com/zabbix/zabbix.git - 5.0.46;https://github.com/zabbix/zabbix.git - 6.0.38;https://github.com/zabbix/zabbix.git - 7.0.9;https://github.com/zabbix/zabbix.git - 7.2.3
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | ADJACENT_NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | NONE |
Availability (A): | NONE |