CVE-2013-5572

Name of the Vulnerable Software and Affected Versions Zabbix version 2.0.5

Description The issue allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap bind password value in the HTML source code.

Recommendations For Zabbix version 2.0.5, consider restricting access to the management console to minimize the risk of exploitation. As a temporary workaround, avoid using the LDAP authentication feature until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.