Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss.
Analysis
An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss.
Technical ContextAI
Server-Side Request Forgery allows an attacker to induce the server to make HTTP requests to arbitrary destinations, including internal services. This vulnerability is classified as Server-Side Request Forgery (SSRF) (CWE-918).
RemediationAI
Validate and whitelist allowed URLs and IP ranges. Block requests to internal/private IP ranges. Use network segmentation to limit server-side request scope.
Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addre
The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. Rate
An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending sp
A security defect was identified in Foundry Frontend that enabled users to potentially conduct DOM XSS attacks if Foundr
Reflected XSS attacks, occur when a malicious script is reflected off a web application to the victim's browser. Rated m
Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web applic
URL validation scheme receives input from a user and then parses it to identify its various components. Rated medium sev
Stored or persistent cross-site scripting (XSS) is a type of XSS where the attacker first sends the payload to the web a
An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other u
An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other us
An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other
An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Rated
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allVendor StatusVendor
Ubuntu
Priority: Medium| Release | Status | Version |
|---|---|---|
| trusty | needs-triage | - |
| xenial | needs-triage | - |
| bionic | needs-triage | - |
| focal | needs-triage | - |
| jammy | needs-triage | - |
| noble | DNE | - |
| questing | needs-triage | - |
| upstream | needs-triage | - |
| plucky | ignored | end of life, was needs-triage |
Debian
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bullseye | fixed | 1:5.0.8+dfsg-1 | - |
| bullseye (security) | fixed | 1:5.0.47+dfsg-0+deb11u1 | - |
| bookworm | fixed | 1:6.0.14+dfsg-1 | - |
| trixie | fixed | 1:7.0.22+dfsg-1~deb13u1 | - |
| forky, sid | fixed | 1:7.0.22+dfsg-1 | - |
| (unstable) | not-affected | - | - |
SUSE
Severity: Medium| Product | Status |
|---|---|
| SUSE Linux Enterprise Server 12 SP5 | Fixed |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Fixed |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Fixed |
| SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 | Fixed |
| SUSE Linux Enterprise Server 12 SP3-BCL | Fixed |
| SUSE Linux Enterprise Server 12 SP3-ESPOS | Fixed |
| SUSE Linux Enterprise Server 12 SP3-LTSS | Fixed |
| SUSE Linux Enterprise Server 12 SP4 | Fixed |
| SUSE Linux Enterprise Server 12 SP4-ESPOS | Fixed |
| SUSE Linux Enterprise Server 12 SP4-LTSS | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP3 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP4 | Fixed |
| SUSE OpenStack Cloud 8 | Fixed |
| SUSE OpenStack Cloud 9 | Fixed |
| SUSE OpenStack Cloud Crowbar 8 | Fixed |
| SUSE OpenStack Cloud Crowbar 9 | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-199987