Pavel Voit

**Nome do software vulnerável e versões afetadas** Versões do Zabbix 6.0.30 a 6.0.30, 6.4.15 e 7.0.0 **Descrição** O problema está relacionado à possibilidade de modificar diretamente ponteiros de memória no mecanismo JavaScript do Zabbix. Isso poderia permitir que um invasor remoto executasse código arbitrário. **Recomendações** Para as versões 6.0.30, 6.4.15 e 7.0.0 do Zabbix, atualize para versões mais recentes, como 6.0.31rc1, 6.4.16rc1 ou 7.0.1rc1, respectivamente, para proteger os recursos.

**Name of the Vulnerable Software and Affected Versions** Zabbix (affected versions not specified) **Description** The issue is related to incorrect permission assignment for a critical resource in the Zabbix monitoring system. Exploitation of this issue may allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. Additionally, there is a problem with a memory pointer in a property of the Ducktape object, which can lead to vulnerabilities related to direct memory access and manipulation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.