2.7
CVE-2024-42333
- EPSS 0.17%
- Published 27.11.2024 12:15:21
- Last modified 27.11.2024 12:15:21
- Source security@zabbix.com
- Teams watchlist Login
- Open Login
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorZabbix
≫
Product
Zabbix
Default Statusunaffected
Version <=
6.0.33
Version
6.0.0
Status
affected
Version <=
6.4.18
Version
6.4.0
Status
affected
Version <=
7.0.3
Version
7.0.0
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.387 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| security@zabbix.com | 2.7 | 1.2 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
|
CWE-126 Buffer Over-read
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.