Headline
CVE-2023-29450: [ZBX-22588] Unautorized file system access in JS preprocessing (CVE-2023-29450)
JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user “zabbix”) on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.
Log inSkip to main contentSkip to sidebar
Dashboards
Projects
Issues
Help
- Jira Core help
- Keyboard Shortcuts
- About Jira
- Jira Credits
Log In
- ZABBIX BUGS AND ISSUES
- ZBX-22588
Log In
Export
XMLWordPrintable
Details
**Type: ** Defect (Security)
Status: Closed
**Priority: ** Blocker
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 5.0.34rc1, 6.0.16rc1, 6.2.9rc2, 6.4.2rc1, 7.0.0alpha1
Component/s: Proxy §, Server (S)
Labels:
- vulnerability
Team:
Team A
Sprint:
Sprint 98 (Mar 2023)
Story Points:
1
Attachments
Issue Links
mentioned in
Page Loading…
Activity
People
Assignee:
Vladislavs Sokurenko
Reporter:
Alexander Vladishev
Votes:
0 Vote for this issue
Watchers:
11 Start watching this issue
Dates
Created:
2023 Feb 23 10:03
Updated:
2023 Jul 03 14:26
Resolved:
2023 Apr 02 19:58