Security Advisory

CVE-2017-2825

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-04-20 21:00:00

Last updated 2024-09-16 23:05:42

Assigner talos

State PUBLISHED

Description

In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between an active Zabbix proxy and Server to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗