Wind River Support Network

HomeDefectsLIN1022-6038
Fixed

LIN1022-6038 : Security Advisory - zabbix - CVE-2023-32727

Created: Dec 19, 2023    Updated: Mar 19, 2024
Resolved Date: Mar 18, 2024
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

CREATE(Triage):(User=admin) CVE-2023-32727 (https://nvd.nist.gov/vuln/detail/CVE-2023-32727)

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube