VDB

DEBIAN-CVE-2014-1682

DEBIAN-CVE-2014-1682 PUBLISHED

The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request.

Affected Products

VendorProductVersions
Debian:13zabbix0, 0, 0
Debian:14zabbix0, 0, 0
Debian:11zabbix0, 0, 0
Debian:12zabbix0, 0, 0

Timeline

  • May 8, 2014 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›