CVE-2014-1682

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2014-1682

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-1682.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2014-1682

Downstream

DEBIAN-CVE-2014-1682

Related

MGASA-2014-0095

Withdrawn

2026-01-27T04:12:31.788188Z

Published

2014-05-08T14:29:14Z

Modified

2026-01-27T04:12:31.788188Z

Summary

[none]

Details

The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request.

References

http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132376.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132377.html
http://www.securityfocus.com/bid/65402
https://support.zabbix.com/browse/ZBX-7703

CVE-2014-1682

Affected packages