CVE-2024-42327
Zabbix SQL Injection Vulnerability
Description
A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is available for every user who has API access.
INFO
Published Date :
Nov. 27, 2024, 12:15 p.m.
Last Modified :
Nov. 27, 2024, 12:15 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
6.0
Exploitability Score :
3.1
Public PoC/Exploit Available at Github
CVE-2024-42327 has a 6 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-42327.
| URL | Resource |
|---|---|
| https://support.zabbix.com/browse/ZBX-25623 |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
PoC for CVE-2024-42327 / ZBX-25623
Python
CVE-2024-42327: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)
cve-2024-42327 ZBX-25623
Python
CVE-2024-42327: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)
None
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
security cve exploit poc vulnerability
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-42327 vulnerability anywhere in the article.
-
TheCyberThrone
Apache Arrow affected by CVE-2024-52338 Code Execution Flaw
The Apache Arrow R package has been identified with a critical security vulnerability impacting versions 4.0.0 through 16.1.0, could allow attackers to execute arbitrary code on systems processing ma ... Read more
-
security.nl
Zabbix-servers via kritiek SQL injection-lek op afstand over te nemen
Een kritiek beveiligingslek in open source monitoringtool Zabbix maakt het mogelijk om kwetsbare servers door middel van SQL injection op afstand over te nemen. De ontwikkelaar heeft vorige week bevei ... Read more
-
The Hacker News
THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 - Dec 1)
Cyber Threats / Weekly Recap Ever wonder what happens in the digital world every time you blink? Here's something wild - hackers launch about 2,200 attacks every single day, which means someone's tryi ... Read more
-
TheCyberThrone
The CyberThrone Most Exploited Vulnerabilities Top 10 – November 2024
Welcome to TheCyberThrone most exploited vulnerabilities review. This review is for the month of November 2024CVE-2024-9463: Palo Alto OS Command InjectionCVSS 3.1 Score : 9.9 CISA KEV: YesThis vuln ... Read more
-
TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – November, 2024
Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings . This review is for the month ending November, 2024Subscribers favorite #1Apache Airf ... Read more
-
TheCyberThrone
INC Ransom claimed responsibility on Alder Hey Children’s Trust attack
On November 28, the ransomware group INC Ransom claimed to have compromised sensitive data from Alder Hey Children’s NHS Foundation Trust in Liverpool, UK. They posted on their data leak site that the ... Read more
-
TheCyberThrone
Zabbix tool affected by CVE-2024-42327
Zabbix, an open-source application monitoring tool, is warning its customers of a new critical vulnerability that could lead to full system compromise.The vulnerability tracked as CVE-2024-42327 with ... Read more
-
The Register
Zabbix urges upgrades after critical SQL injection bug disclosure
Open-source enterprise network and application monitoring provider Zabbix is warning customers of a new critical vulnerability that could lead to full system compromise. Tracked as CVE-2024-42327, the ... Read more
-
Cybersecurity News
CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Zabbix
Zabbix, a popular open-source IT infrastructure monitoring tool used by organizations worldwide, has been found to contain a critical SQL injection vulnerability (CVE-2024-42327) with a CVSS score of ... Read more
The following table lists the changes that have been made to the
CVE-2024-42327 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by [email protected]
Nov. 27, 2024
Action Type Old Value New Value Added Description A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is available for every user who has API access. Added CVSS V3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Added CWE CWE-89 Added Reference https://support.zabbix.com/browse/ZBX-25623
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-42327 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-42327
weaknesses.