Zabbix · Zabbix Server · CVE-2020-11800
Name of the Vulnerable Software and Affected Versions:
Zabbix Server versions 2.2.x through 3.2.x
Zabbix Server versions 3.0.x through 3.0.30
Description:
The issue is related to errors in code generation management in the Zabbix monitoring system. It allows a remote attacker to execute arbitrary code.
Recommendations:
For Zabbix Server versions 2.2.x through 3.0.30, update to version 3.0.31 or later.
For Zabbix Server version 3.2, consider disabling the vulnerable code generation management functionality until a patch is available.
Restrict access to the Zabbix Server to minimize the risk of exploitation.