Wind River Support Network

HomeDefectsLIN1021-6958
Fixed

LIN1021-6958 : Security Advisory - zabbix - CVE-2023-32727

Created: Dec 19, 2023    Updated: Jan 21, 2024
Resolved Date: Jan 21, 2024
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

CREATE(Triage):(User=admin) CVE-2023-32727 (https://nvd.nist.gov/vuln/detail/CVE-2023-32727)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube