Vulnerability CVE-2023-32728: Information
Description
The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
zabbix | sisyphus | 6.0.27-alt1 | 6.0.29-alt1 | ALT-PU-2024-3075-1 | 341482 | Fixed |
zabbix | sisyphus_e2k | 6.0.27-alt2 | 6.0.29-alt1 | ALT-PU-2024-4292-1 | - | Fixed |
zabbix | sisyphus_riscv64 | 6.0.27-alt1 | 6.0.29-alt1 | ALT-PU-2024-4119-1 | - | Fixed |
zabbix | sisyphus_loongarch64 | 6.0.27-alt1 | 6.0.29-alt1 | ALT-PU-2024-3139-1 | - | Fixed |
zabbix | p10 | 6.0.25-alt0.p10.3 | 6.0.29-alt0.p10.1 | ALT-PU-2024-1355-2 | 338813 | Fixed |
zabbix | p10_e2k | 6.0.25-alt0.p10.3 | 6.0.29-alt0.p10.1 | ALT-PU-2024-1497-1 | - | Fixed |
zabbix | c10f1 | 6.0.25-alt0.c10f1.1 | 6.0.27-alt0.c10f1.1 | ALT-PU-2024-1565-3 | 339367 | Fixed |
zabbix | c9f2 | 5.0.40-alt1 | 5.0.40-alt1 | ALT-PU-2024-1356-2 | 338818 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://support.zabbix.com/browse/ZBX-23858 |
|