How severe is CVE-2023-32725?

CVE-2023-32725 has a CVSS v3 score of 9.6 (CRITICAL).

CVE-2023-32725

Name: zabbix_server
Author: zabbix

9.6CRITICAL

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particula

Published: 12/18/2023Updated: 11/21/2024

Description

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.

AI AnalysisPowered by AI

Affected Products

zabbixzabbix_server

7.0.0

zabbixzabbix_server

7.0.0

zabbixzabbix_server

7.0.0

zabbixfrontend

7.0.0

zabbixfrontend

7.0.0

zabbixfrontend

7.0.0

References

https://support.zabbix.com/browse/ZBX-23854
Vendor Advisory
https://support.zabbix.com/browse/ZBX-23854
Vendor Advisory