CVE-2024-22121

Name

CVE-2024-22121

Description

A non-admin user can change or remove important features within the Zabbix Agent application, thus impacting the integrity and availability of the application.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
	https://support.zabbix.com/browse/ZBX-25011

Match rules

CPE URI	Source package	Min version	Max version
	zabbix	>= 5.0.0	<= 5.0.42
	zabbix	>= 6.0.0	<= 6.0.30
	zabbix	>= 6.4.0	<= 6.4.15
	zabbix	>= 7.0.0alpha1	<= 7.0.0rc2
`cpe:2.3:a:zabbix:zabbix:7.0.0:alpha1::::::`	zabbix	== None	== 7.0.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
zabbix	3.20-community	6.4.15-r2	Kevin Daudt <kdaudt@alpinelinux.org>	possibly vulnerable