Security Advisory

CVE-2024-22120

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-17 09:53:52

Last updated 2024-08-01 22:35:34

Assigner Zabbix

State PUBLISHED

Description

Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind SQL injection.

← Browse all CVEs View on cve.org ↗