Total vulnerabilities in the database
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbix_server will try to communicate with it as modem. As a result, log file will be broken with AT commands and small part for log file content will be leaked to UI.
| Software | From | Fixed in |
|---|---|---|
| zabbix / zabbix | 7.0.0-alpha2 | 7.0.0-alpha2.x |
| zabbix / zabbix | 7.0.0-alpha3 | 7.0.0-alpha3.x |
| zabbix / zabbix | 7.0.0-alpha1 | 7.0.0-alpha1.x |
| zabbix / zabbix | 7.0.0-alpha6 | 7.0.0-alpha6.x |
| zabbix / zabbix | 7.0.0-alpha7 | 7.0.0-alpha7.x |
| zabbix / zabbix | 7.0.0-alpha4 | 7.0.0-alpha4.x |
| zabbix / zabbix | 6.4.0 | 6.4.15.x |
| zabbix / zabbix | 6.0.0 | 6.0.30.x |
| zabbix / zabbix | 7.0.0-alpha5 | 7.0.0-alpha5.x |
| zabbix / zabbix | 7.0.0-alpha8 | 7.0.0-alpha8.x |
| zabbix / zabbix | 7.0.0-alpha9 | 7.0.0-alpha9.x |
| zabbix / zabbix | 7.0.0-beta1 | 7.0.0-beta1.x |
| zabbix / zabbix | 7.0.0-beta2 | 7.0.0-beta2.x |
| zabbix / zabbix | 7.0.0-beta3 | 7.0.0-beta3.x |
| zabbix / zabbix | 7.0.0-rc1 | 7.0.0-rc1.x |
| zabbix / zabbix | 7.0.0-rc2 | 7.0.0-rc2.x |
| zabbix / zabbix | 5.0.0 | 5.0.42.x |