PT-2024-6099 · Zabbix+4 · Zabbix+4

Maris Melnikovs

Published

2024-08-09

Updated

2026-01-17

CVE-2024-36460

CVSS v2.0

8.5

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions Zabbix (affected versions not specified)

Description The issue is related to the front-end audit log, which allows viewing of unprotected plaintext passwords. These passwords are displayed in plain text, potentially enabling a remote attacker to gain access to confidential information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522CWE-256

Related Identifiers

ALT-PU-2024-11571

ALT-PU-2024-11575

ALT-PU-2024-15832

BDU:2024-07008

CVE-2024-36460

DLA-3909-1

Affected Products

Alt Linux

Astra Linux

Debian

Red Os

Zabbix

PT-2024-6099 · Zabbix+4 · Zabbix+4

CVE-2024-36460

Weakness Enumeration

Related Identifiers

Affected Products

References · 25