CVE-2023-29449

CVSS v2.0

6.1

Medium

Vector

AV:N/AC:L/Au:M/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Zabbix (affected versions not specified)

Description The issue is related to uncontrolled CPU, memory, and disk I/O utilization caused by JavaScript preprocessing, webhooks, and global scripts. This can be exploited to cause a denial of service. The security risk is limited because configuration and testing of these scripts are only available to Administrative roles, such as Admin and Superadmin.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Allocation of Resources Without Limits

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-400

Related Identifiers

ALT-PU-2023-6268

BDU:2024-06939

CVE-2023-29449

DLA-3909-1

ROSA-SA-2024-2539

Affected Products

Alt Linux

Astra Linux

Debian

Zabbix

CVE-2023-29449

Weakness Enumeration

Related Identifiers

Affected Products

References · 100