CVE-2023-29450
- Source
- https://cve.org/CVERecord?id=CVE-2023-29450
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-29450.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-29450
- Downstream
- Related
- Published
- 2023-07-13T09:15:09.660Z
- Modified
- 2026-04-11T12:45:09.384832Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.
- Database specific
{ "unresolved_ranges": [ { "cpe": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "5.0.33" }, { "introduced": "6.4.0" }, { "last_affected": "6.4.1" }, { "introduced": "6.4.3" }, { "last_affected": "6.4.4" } ], "source": "CPE_FIELD" } ] }- References
Affected packages
Git / github.com/zabbix/zabbix
Affected versions
6.*
6.0.0
6.0.1
6.0.10
6.0.10rc1
6.0.10rc2
6.0.11
6.0.11rc1
6.0.11rc2
6.0.12
6.0.12rc1
6.0.12rc2
6.0.13
6.0.13rc1
6.0.14
6.0.14rc1
6.0.14rc2
6.0.15
6.0.15rc1
6.0.15rc2
6.0.1rc1
6.0.1rc2
6.0.1rc3
6.0.1rc4
6.0.2
6.0.2rc1
6.0.3
6.0.3rc1
6.0.4
6.0.4rc1
6.0.5
6.0.5rc1
6.0.6
6.0.6rc1
6.0.7
6.0.7rc1
6.0.8
6.0.8rc1
6.0.8rc2
6.0.9
6.0.9rc1
6.0.9rc2