Wind River Support Network

HomeDefectsLIN1021-5599
Fixed

LIN1021-5599 : Security Advisory - zabbix - CVE-2023-29449

Created: Apr 11, 2023    Updated: Dec 14, 2023
Resolved Date: Dec 13, 2023
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access. 

https://nvd.nist.gov/vuln/detail/CVE-2023-29449
Live chat
Online