
Critical Vulnerability Found in Zabbix Network Monitoring Tool

A critical-severity vulnerability in open source enterprise network monitoring tool Zabbix could lead to full system compromise.

Zabbix has warned of a critical-severity vulnerability in its open source enterprise network monitoring solution that could allow attackers to inject arbitrary SQL queries and compromise data or the system.

Tracked as CVE-2024-42327 (CVSS score of 9.9), the security defect exists in a function that is available to any user with a role that has API access, Zabbix warned.

“A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access, can exploit this vulnerability,” the company notes in its advisory.

“An SQLi exists in the CUser class in the addRelatedObjects function; this function is being called from the CUser.get function, which is available for every user who has API access,” it continues.

The vulnerability was also analyzed by Qualys, which noted that exploitation could allow attackers to escalate privileges and gain complete control of vulnerable Zabbix servers. The cybersecurity firm has seen over 83,000 internet-exposed Zabbix servers.

The flaw, the vendor announced, affects Zabbix versions 6.0.0 through 6.0.31, 6.4.0 through 6.4.16, and 7.0.0.

Although an advisory on CVE-2024-42327 was published only last week, patches for the issue were included in versions 6.0.32rc1, 6.4.17rc1, and 7.0.1rc1, which were released in July.
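Because the advisory appeared months after the fixed builds shipped, the practical first step for a defender is to map each Zabbix instance's version onto the affected ranges above. The following is an added example, not code from the SecurityWeek article or from Zabbix: the affected ranges and first fixed builds are taken from the text, the Zabbix JSON-RPC `apiinfo.version` method (which needs no authentication and returns the server version as a string) is a real API call, and the inventory of hosts is constructed for illustration. The example assumes that a release candidate of the first fixed patch level (for instance 6.0.32rc1) already carries the fix, as the article states.

```python
"""Triage Zabbix instances against the CVE-2024-42327 affected version ranges.

Added example; not from the article or from Zabbix. Affected ranges and fixed
builds come from the article. The rc-handling rule and the sample inventory are
this example's own assumptions.
"""
import re
from typing import Dict, Optional, Tuple

# Affected ranges as reported: 6.0.0-6.0.31, 6.4.0-6.4.16, 7.0.0.
# Value: (lowest affected, highest affected, first build carrying the fix).
AFFECTED = {
    (6, 0): ((6, 0, 0), (6, 0, 31), "6.0.32rc1"),
    (6, 4): ((6, 4, 0), (6, 4, 16), "6.4.17rc1"),
    (7, 0): ((7, 0, 0), (7, 0, 0), "7.0.1rc1"),
}

# Zabbix reports versions like "6.0.31" or "6.0.32rc1".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:rc(\d+))?$")


def parse_version(text: str) -> Tuple[int, int, int, Optional[int]]:
    """Split a Zabbix version string into (major, minor, patch, rc)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Zabbix version: {text!r}")
    major, minor, patch, rc = m.groups()
    return int(major), int(minor), int(patch), (int(rc) if rc else None)


def is_affected(text: str) -> Tuple[bool, Optional[str]]:
    """Return (affected, first_fixed_build) for one version string.

    first_fixed_build is None when the branch is not listed in the advisory,
    e.g. 5.0 LTS or 7.2; such branches are reported as not affected here.
    """
    major, minor, patch, _rc = parse_version(text)
    branch = AFFECTED.get((major, minor))
    if branch is None:
        return False, None
    low, high, fixed_in = branch
    # Assumption: rc builds of a patch level above `high` (6.0.32rc1, ...) are
    # fixed, while rc builds inside the range (7.0.0rc1) are still affected.
    return low <= (major, minor, patch) <= high, fixed_in


def version_request_body(request_id: int = 1) -> Dict[str, object]:
    """JSON-RPC body for Zabbix's unauthenticated apiinfo.version method.

    POST this as JSON to /api_jsonrpc.php on the frontend; no auth token is
    needed for this method. The network call itself is not made here.
    """
    return {"jsonrpc": "2.0", "method": "apiinfo.version", "params": {},
            "id": request_id}


def version_from_response(payload: Dict[str, object]) -> str:
    """Extract the version string from an apiinfo.version JSON-RPC reply."""
    if payload.get("jsonrpc") != "2.0" or "result" not in payload:
        raise ValueError(f"not a JSON-RPC result: {payload!r}")
    result = payload["result"]
    if not isinstance(result, str):
        raise ValueError(f"unexpected apiinfo.version result: {result!r}")
    return result


def triage(inventory: Dict[str, str]) -> Dict[str, Tuple[bool, Optional[str]]]:
    """Map hostname -> (affected, first_fixed_build) for a whole inventory."""
    return {host: is_affected(version) for host, version in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are made up).
    sample = {
        "zbx-prod-01": "6.0.31",
        "zbx-prod-02": "6.0.32rc1",
        "zbx-lab": "7.0.0",
        "zbx-legacy": "5.0.40",
    }
    for host, (vuln, fixed) in triage(sample).items():
        status = f"AFFECTED, upgrade to {fixed} or later" if vuln else "not affected"
        print(f"{host:12s} {sample[host]:10s} {status}")
```

Instances on a branch the advisory does not list (5.0 LTS, 7.2) are reported as not affected by this check only because the article gives no ranges for them; treat that as "no data" rather than a clean bill of health.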

The patched versions also resolve CVE-2024-36466 (CVSS score of 8.8), an authentication bypass issue that could allow an attacker to sign a forged zbx_session cookie and log in with administrator permissions.


Zabbix version 7.0.1rc1 also fixes CVE-2024-36462, an uncontrolled resource consumption vulnerability that could allow an attacker to cause a denial-of-service (DoS) condition.

The company makes no mention of any of these vulnerabilities being exploited in the wild. Users are advised to update their installations to a patched version as soon as possible.

According to Zabbix, its monitoring solution is used by organizations in the education, finance, food, healthcare, IT, manufacturing, and retail sectors around the world.


Written By

Ionut Arghire is an international correspondent for SecurityWeek.
