9.8

CVE-2020-11800

Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ZabbixZabbix Version >= 2.2.0 < 3.0.31
ZabbixZabbix Version3.2.0 Update-
OpensuseBackports Sle Version15.0 Updatesp1
OpensuseBackports Sle Version15.0 Updatesp2
OpensuseLeap Version15.1
OpensuseLeap Version15.2
DebianDebian Linux Version9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.19% 0.947
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
cve@mitre.org 9 2.2 6
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://lists.debian.org/debian-lts-announce/2020/11/msg00039.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00007.html
Third Party Advisory
https://support.zabbix.com/browse/DEV-1538
Vendor Advisory
https://support.zabbix.com/browse/ZBX-17600
Vendor Advisory
https://support.zabbix.com/browse/ZBXSEC-30
Vendor Advisory
Permissions Required