CVE-2009-4498

Published Dec 31, 2009

Last updated 14 years ago

Overview

Description: The node_process_command function in Zabbix Server before 1.8 allows remote attackers to execute arbitrary commands via a crafted request.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "029D5AFC-404B-4BF2-AB85-F04F2E77F4BD",
            "versionEndIncluding": "1.7.4"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0FB47B1-330E-4ED4-A4AF-993DC613B782"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA7AA37E-2E1A-471D-95AE-83A2CABF1DF5"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFABFF16-FD5E-4FCF-BDF8-AE8D654CEAD4"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03E211F0-2F61-4503-AE89-0F750C2848B5"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55BC3D41-DB27-4509-8908-0A7F0A19206E"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96A266AD-7853-40D0-8D1B-6ECFF34A76AA"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6866F9A2-3986-4F63-8DBA-23E4B59A0C11"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC04F70A-4CB2-486F-BA7B-514065BC00AF"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A293369B-4B44-4210-8D39-407536513897"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C4A2B75-0B3B-46EC-BA80-A528DEF58DAB"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B9506E6-3011-430A-B099-AFBF0CE4830B"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13C94196-4CC6-4827-944A-197F748A48E2"
          },
          {
            "criteria": "cpe:2.3:a:zabbix:zabbix:1.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B6DB768-148D-4067-9202-42B9C16F3DFF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References