VDB
CVE-2024-36461
CVE-2024-36461
PUBLISHED
Es besteht eine Schwachstelle in Zabbix. Dieser Fehler besteht aufgrund einer nicht vertrauenswürdigen Zeiger-Dereferenz, die es erlaubt, Speicherzeiger in der JavaScript-Engine zu verändern. Ein entfernter authentifizierter Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.
EPSS 0.72% · 73.0th percentile
Risk Scores
EPSS Score
0.72%
73.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zabbix | Zabbix Zabbix <5.0.43rc1 | |
| Fedora | Fedora Linux | |
| Debian | Debian Linux | |
| SUSE | SUSE openSUSE | |
| Zabbix | Zabbix Zabbix <6.4.16rc1 | |
| Zabbix | Zabbix Zabbix <6.0.31rc1 | |
| Zabbix | Zabbix Zabbix <7.0.0rc3 |
Exploit Intelligence
Timeline
- Aug 9, 2024 CVE Published
- Aug 13, 2024 EPSS Score
- Sep 3, 2024 EPSS Score
- Sep 24, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 14, 2024 EPSS Score
- Nov 4, 2024 EPSS Score
- Nov 25, 2024 EPSS Score
- Dec 5, 2024 Coalition ESS Score
- Dec 17, 2024 EPSS Score
- Jan 7, 2025 EPSS Score
- Feb 17, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1811.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1811 advisory
- https://support.zabbix.com/browse/ZBX-25011 advisory
- https://support.zabbix.com/browse/ZBX-25012 advisory
- https://support.zabbix.com/browse/ZBX-25013 advisory
- https://support.zabbix.com/browse/ZBX-25015 advisory
- https://support.zabbix.com/browse/ZBX-25016 advisory
- https://support.zabbix.com/browse/ZBX-25017 advisory
- https://support.zabbix.com/browse/ZBX-25018 advisory
- https://support.zabbix.com/browse/ZBX-25019 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-0214e32cb7 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-8382d1b267 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-e76322a49b advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-c89d2ecdea advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3PD6B3LKRPYC75TREXWUSOIW63MKTVPM/ advisory
- https://lists.debian.org/debian-lts-announce/2024/10/msg00000.html advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/C6HFPCXWPBUGZ3BE7T5OXXTSGEHUCHFU/ advisory