Excessive Resource Abuse: A Threat to System Performance
CVE-2024-36462
7.5 HIGH
What is CVE-2024-36462?
The vulnerability allows attackers to exploit uncontrolled resource consumption within Zabbix, leading to excessive utilization of CPU, memory, or network bandwidth. Without proper limits and resource management, affected systems may experience significant performance degradation and risk denial-of-service conditions. Organizations using Zabbix should remain vigilant against exploitation of this kind, which could impact system reliability.
Affected Version(s)
Zabbix 7.0.0alpha1 <= 7.0.0rc2
CVSS V3.1
Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Zabbix extends its gratitude to justonezero for submitting this report on the HackerOne bug bounty platform.