CVE-2011-3264

EPSS 0.46%
Veröffentlicht 19.08.2011 21:55:02
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Zabbix before 1.8.6 allows remote attackers to obtain sensitive information via an invalid srcfld2 parameter to popup.php, which reveals the installation path in an error message.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Zabbix ≫ Zabbix Version <= 1.8.5

Zabbix ≫ Zabbix Version1.1

Zabbix ≫ Zabbix Version1.1 Updatebeta10

Zabbix ≫ Zabbix Version1.1 Updatebeta11

Zabbix ≫ Zabbix Version1.1 Updatebeta12

Zabbix ≫ Zabbix Version1.1 Updatebeta2

Zabbix ≫ Zabbix Version1.1 Updatebeta3

Zabbix ≫ Zabbix Version1.1 Updatebeta4

Zabbix ≫ Zabbix Version1.1 Updatebeta5

Zabbix ≫ Zabbix Version1.1 Updatebeta6

Zabbix ≫ Zabbix Version1.1 Updatebeta7

Zabbix ≫ Zabbix Version1.1 Updatebeta8

Zabbix ≫ Zabbix Version1.1 Updatebeta9

Zabbix ≫ Zabbix Version1.1.1

Zabbix ≫ Zabbix Version1.1.2

Zabbix ≫ Zabbix Version1.1.3

Zabbix ≫ Zabbix Version1.1.4

Zabbix ≫ Zabbix Version1.1.5

Zabbix ≫ Zabbix Version1.1.6

Zabbix ≫ Zabbix Version1.1.7

Zabbix ≫ Zabbix Version1.3 Updatebeta

Zabbix ≫ Zabbix Version1.3.1 Updatebeta

Zabbix ≫ Zabbix Version1.3.2 Updatebeta

Zabbix ≫ Zabbix Version1.3.3 Updatebeta

Zabbix ≫ Zabbix Version1.3.4 Updatebeta

Zabbix ≫ Zabbix Version1.3.5 Updatebeta

Zabbix ≫ Zabbix Version1.3.6 Updatebeta

Zabbix ≫ Zabbix Version1.3.7 Updatebeta

Zabbix ≫ Zabbix Version1.3.8 Updatebeta

Zabbix ≫ Zabbix Version1.4.2

Zabbix ≫ Zabbix Version1.4.3

Zabbix ≫ Zabbix Version1.4.4

Zabbix ≫ Zabbix Version1.4.5

Zabbix ≫ Zabbix Version1.4.6

Zabbix ≫ Zabbix Version1.5 Updatebeta

Zabbix ≫ Zabbix Version1.5.1 Updatebeta

Zabbix ≫ Zabbix Version1.5.2 Updatebeta

Zabbix ≫ Zabbix Version1.5.3 Updatebeta

Zabbix ≫ Zabbix Version1.5.4 Updatebeta

Zabbix ≫ Zabbix Version1.6

Zabbix ≫ Zabbix Version1.6.1

Zabbix ≫ Zabbix Version1.6.2

Zabbix ≫ Zabbix Version1.6.3

Zabbix ≫ Zabbix Version1.6.4

Zabbix ≫ Zabbix Version1.6.5

Zabbix ≫ Zabbix Version1.6.6

Zabbix ≫ Zabbix Version1.6.7

Zabbix ≫ Zabbix Version1.6.8

Zabbix ≫ Zabbix Version1.6.9

Zabbix ≫ Zabbix Version1.7

Zabbix ≫ Zabbix Version1.7.1

Zabbix ≫ Zabbix Version1.7.2

Zabbix ≫ Zabbix Version1.7.3

Zabbix ≫ Zabbix Version1.7.4

Zabbix ≫ Zabbix Version1.8

Zabbix ≫ Zabbix Version1.8.1

Zabbix ≫ Zabbix Version1.8.2

Zabbix ≫ Zabbix Version1.8.3

Zabbix ≫ Zabbix Version1.8.3 Updaterc1

Zabbix ≫ Zabbix Version1.8.3 Updaterc2

Zabbix ≫ Zabbix Version1.8.3 Updaterc3

Zabbix ≫ Zabbix Version1.8.4

Zabbix ≫ Zabbix Version1.8.4 Updaterc1

Zabbix ≫ Zabbix Version1.8.4 Updaterc2

Zabbix ≫ Zabbix Version1.8.4 Updaterc3

Zabbix ≫ Zabbix Version1.8.4 Updaterc4

Zabbix ≫ Zabbix Version1.8.5 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.46%	0.629

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.zabbix.com/rn1.8.6.php

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/69377

https://support.zabbix.com/browse/ZBX-3840

https://nvd.nist.gov/vuln/detail/CVE-2011-3264

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-3264

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-3264

EUVD