First published: Thu May 08 2014(Updated: )
The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zabbix Zabbix | <=1.8.19 | |
Zabbix Zabbix | =1.8 | |
Zabbix Zabbix | =1.8.1 | |
Zabbix Zabbix | =1.8.2 | |
Zabbix Zabbix | =1.8.3-rc1 | |
Zabbix Zabbix | =1.8.3-rc2 | |
Zabbix Zabbix | =1.8.3-rc3 | |
Zabbix Zabbix | =1.8.15-rc1 | |
Zabbix Zabbix | =1.8.16 | |
Zabbix Zabbix | =1.8.18 | |
Zabbix Zabbix | =2.0.0 | |
Zabbix Zabbix | =2.0.0-rc1 | |
Zabbix Zabbix | =2.0.0-rc2 | |
Zabbix Zabbix | =2.0.0-rc3 | |
Zabbix Zabbix | =2.0.0-rc4 | |
Zabbix Zabbix | =2.0.0-rc5 | |
Zabbix Zabbix | =2.0.0-rc6 | |
Zabbix Zabbix | =2.0.1 | |
Zabbix Zabbix | =2.0.1-rc1 | |
Zabbix Zabbix | =2.0.1-rc2 | |
Zabbix Zabbix | =2.0.2 | |
Zabbix Zabbix | =2.0.2-rc1 | |
Zabbix Zabbix | =2.0.2-rc2 | |
Zabbix Zabbix | =2.0.3 | |
Zabbix Zabbix | =2.0.3-rc1 | |
Zabbix Zabbix | =2.0.3-rc2 | |
Zabbix Zabbix | =2.0.4 | |
Zabbix Zabbix | =2.0.4-rc1 | |
Zabbix Zabbix | =2.0.5 | |
Zabbix Zabbix | =2.0.5-rc1 | |
Zabbix Zabbix | =2.0.6 | |
Zabbix Zabbix | =2.0.6-rc1 | |
Zabbix Zabbix | =2.0.7-rc1 | |
Zabbix Zabbix | =2.0.8-rc1 | |
Zabbix Zabbix | =2.0.8-rc2 | |
Zabbix Zabbix | =2.0.9-rc1 | |
Zabbix Zabbix | =2.0.9-rc2 | |
Zabbix Zabbix | =2.0.10-rc1 | |
Zabbix Zabbix | =2.2.0 | |
Zabbix Zabbix | =2.2.0-rc1 | |
Zabbix Zabbix | =2.2.0-rc2 | |
Zabbix Zabbix | =2.2.1 | |
Zabbix Zabbix | =2.2.1 | |
Zabbix Zabbix | =2.2.1-rc1 | |
Fedoraproject Fedora | =19 | |
Fedoraproject Fedora | =20 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.