Denial of service in Zabbix map element feature
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Resource management error
EUVDB-ID: #VU101288
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-22117
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote user to disable map feature.
The vulnerability exists due to improper handling of map element identifiers when adding a new URL. A remote user can increment the sysmapelementurlid value by 1 for an existing map element and prevent other users from adding new URLs.
Install updates from vendor's website.
Vulnerable software versionsZabbix: 5.0.0 rc1 - 7.0.3
CPE2.3- cpe:2.3:a:zabbix:zabbix:5.0.43:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:5.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:5.4.12:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:6.0.33:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:6.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:6.4.18:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:7.0.3:*:*:*:*:*:*:*
https://support.zabbix.com/browse/ZBX-25610
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
