File System Access Vulnerability in Zabbix Server and Proxy via JavaScript Pre-processing

File System Access Vulnerability in Zabbix Server and Proxy via JavaScript Pre-processing

CVE-2023-29450 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.

Learn more about our Cis Benchmark Audit For Server Software.