CVE-2024-42332

Name
CVE-2024-42332
Description
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attack requires an SNMP item to be configured as text on the target host.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
https://support.zabbix.com/browse/ZBX-25628
af854a3a-2127-422b-91ae-364da2661108 https://lists.debian.org/debian-lts-announce/2024/12/msg00005.html

Match rules

CPE URI Source package Min version Max version
zabbix >= 6.0.0 < 6.0.34
zabbix >= 6.4.0 < 6.4.19
zabbix >= 7.0.0 < 7.0.4
cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:* zabbix >= 6.0.0 < 6.0.35
cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:* zabbix >= 6.4.0 < 6.4.20
cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:* zabbix >= 7.0.0 < 7.0.3

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
zabbix edge-community 7.0.1-r0 Kevin Daudt <kdaudt@alpinelinux.org> possibly vulnerable
zabbix 3.22-community 7.0.1-r0 None possibly vulnerable
zabbix 3.20-community 6.4.18-r0 Kevin Daudt <kdaudt@alpinelinux.org> possibly vulnerable