ALT-PU-2013-1271-1
Closed vulnerabilities
Published: 2013-12-19
Modified: 2025-04-11
Modified: 2025-04-11
CVE-2013-6824
Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter.
Severity: HIGH (7.5)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
- http://security.gentoo.org/glsa/glsa-201401-26.xml
- http://www.zabbix.com/rn1.8.19rc1.php
- http://www.zabbix.com/rn2.0.10rc1.php
- http://www.zabbix.com/rn2.2.1rc1.php
- https://support.zabbix.com/browse/ZBX-7479
- http://security.gentoo.org/glsa/glsa-201401-26.xml
- http://www.zabbix.com/rn1.8.19rc1.php
- http://www.zabbix.com/rn2.0.10rc1.php
- http://www.zabbix.com/rn2.2.1rc1.php
- https://support.zabbix.com/browse/ZBX-7479