CyberSec.Space Logo
Back to CVE Browser

CVE-2020-11800

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile32.93th
PublishedOct 7, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.

Affected Platforms (CPE)

πŸ“¦
Zabbix

Zabbix

>= 2.2.0 and < 3.0.31
πŸ“¦
Zabbix

Zabbix

= 3.2.0
πŸ“¦
Opensuse

Backports Sle

= 15.0
πŸ“¦
Opensuse

Backports Sle

= 15.0
πŸ’»
Opensuse

Leap

= 15.1
πŸ’»
Opensuse

Leap

= 15.2
πŸ’»
Debian

Debian Linux

= 9.0

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00007.html
πŸ”— https://lists.debian.org/debian-lts-announce/2020/11/msg00039.html
πŸ”— https://support.zabbix.com/browse/DEV-1538
πŸ”— https://support.zabbix.com/browse/ZBX-17600
πŸ”— https://support.zabbix.com/browse/ZBXSEC-30
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00007.html
πŸ”— https://lists.debian.org/debian-lts-announce/2020/11/msg00039.html
πŸ”— https://support.zabbix.com/browse/DEV-1538

Related Vulnerabilities

CVE-2007-064010.0

Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack vectors related to "SNMP IP addresses."

CVE-2013-37389.8

A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which coul...

CVE-2013-57439.8

Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.

CVE-2014-30059.8

XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x...