User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://support.zabbix.com/browse/ZBX-25015 |
History
Wed, 04 Dec 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zabbix
Zabbix zabbix |
|
CPEs | cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:alpha1:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:alpha2:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:alpha3:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:alpha4:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:alpha5:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:alpha6:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:alpha7:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:alpha8:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:alpha9:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:beta1:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:beta2:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:beta3:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:rc1:*:*:*:*:*:* cpe:2.3:a:zabbix:zabbix:7.0.0:rc2:*:*:*:*:*:* |
|
Vendors & Products |
Zabbix
Zabbix zabbix |
Fri, 09 Aug 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
Fri, 09 Aug 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 09 Aug 2024 10:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard. | |
Title | System Information Widget in Global View Dashboard exposes information about Hosts to Users without Permission | |
Weaknesses | CWE-281 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Zabbix
Published: 2024-08-09T10:15:26.509Z
Updated: 2024-08-09T13:31:39.639Z
Reserved: 2024-01-05T07:44:01.394Z
Link: CVE-2024-22114
Vulnrichment
Updated: 2024-08-09T12:39:53.004Z
NVD
Status : Analyzed
Published: 2024-08-12T13:38:15.627
Modified: 2024-12-04T15:28:53.450
Link: CVE-2024-22114
Redhat
No data.