CVE-2013-1364

The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc1 allows remote attackers to override LDAP configuration via the cnf parameter.

Affected products Warnungen 0 Metrics 2 CWE 1 References 9

Data is provided by the National Vulnerability Database (NVD)

Zabbix ≫ Zabbix Version <= 1.8.15

Zabbix ≫ Zabbix Version2.0.0

Zabbix ≫ Zabbix Version2.0.1

Zabbix ≫ Zabbix Version2.0.2

Zabbix ≫ Zabbix Version2.0.3

Zabbix ≫ Zabbix Version2.0.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.44%	0.603

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Vendor Advisory

Vendor Advisory

Vendor Advisory

CVE Source (NVD)

CVE Source (JSON)

EUVD