CVE-2023-29450

CVSS V2 None CVSS V3 None
Description
JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.
Overview
  • CVE ID
  • CVE-2023-29450
  • Assigner
  • Zabbix
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-07-13T08:25:27.911Z
  • Last Modified Date
  • 2023-07-13T08:25:27.911Z
Weakness Enumerations
CWE URL
CWE-200 http://cwe.mitre.org/data/definitions/200.html
CWE-552 http://cwe.mitre.org/data/definitions/552.html
References
Reference URL Reference Tags
https://support.zabbix.com/browse/ZBX-22588
https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-29450
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29450
History
Created Old Value New Value Data Type Notes
2024-06-25 04:33:49 Added to TrackCVE