| Name | CVE-2024-22120 |
| Description | Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind SQL injection. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| Debian Bugs | 1072120 |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| zabbix (PTS) | bullseye | 1:5.0.8+dfsg-1 | fixed |
| bullseye (security) | 1:5.0.46+dfsg-1+deb11u1 | fixed | |
| bookworm | 1:6.0.14+dfsg-1 | vulnerable | |
| forky, sid, trixie | 1:7.0.10+dfsg-2 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| zabbix | source | buster | (not affected) | |||
| zabbix | source | bullseye | (not affected) | |||
| zabbix | source | (unstable) | 1:6.0.29+dfsg-1 | 1072120 |
[bullseye] - zabbix <not-affected> (Vulnerable code introduced later)
[buster] - zabbix <not-affected> (Vulnerable code introduced later)
https://support.zabbix.com/browse/ZBX-24505
Fixed by: https://github.com/zabbix/zabbix/commit/9013ff74985e40aee6b58e2ed67675b87cab0879 (7.0.0beta2)
Fixed by: https://github.com/zabbix/zabbix/commit/c8ac414ff44127c3e8781eb029f519c060f623fa (6.0.28rc1)
introduced by https://github.com/zabbix/zabbix/commit/6c276d866d3f96689609d70c5893cfff8cac7cd6 (first seen in 6.0.0alpha1)