User Spoofing Vulnerability in Zabbix API Affecting Multiple Versions
CVE-2014-1682

Currently unrated

Key Information:

Vendor

Zabbix

Status
Zabbix
Fedora
Vendor
CVE Published:
8 May 2014

What is CVE-2014-1682?

The Zabbix API, present in versions prior to 1.8.20rc1, 2.0.11rc1, and 2.2.2rc1, contains a vulnerability that allows remote authenticated users to impersonate other users. This occurs through the manipulation of the username in a user.login request, potentially leading to unauthorized access and exploitation of user privileges within the Zabbix system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA
http://www.securityfocus.com/bid/65402
vdb-entryx_refsource_BID
https://support.zabbix.com/browse/ZBX-7703
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.