Cybersecurity Warning: Unprotected Plaintext Passwords Exposed
CVE-2024-36460

8.1HIGH

Key Information:

Vendor: Zabbix
Status: Zabbix
Vendor: CVE Published:; 12 August 2024

What is CVE-2024-36460?

A security vulnerability exists in the front-end audit log of Zabbix that allows unauthorized users to view unprotected plaintext passwords. This weakness poses a significant risk, as sensitive credentials can be exposed, compromising the confidentiality of user accounts. The affected versions of the Zabbix monitoring software are particularly vulnerable, making it imperative for users to take proactive measures to secure their environments and safeguard against potential unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Zabbix 5,0,0 <= 5.0.42

Zabbix 6.0.0 <= 6.0.30

Zabbix 6.4.0 <= 6.4.15

References

https://support.zabbix.com/browse/ZBX-25017

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 12, 2024
Vulnerability Reserved
May 28, 2024

JSON

Zabbix

What is CVE-2024-36460?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.