PT-2024-9609 · Zabbix+2 · Zabbix+2

Vjaceslavs Bogdanovs

Published

2024-11-27

Updated

2025-10-08

CVE-2024-42329

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Zabbix (affected versions not specified)

Description The issue is related to the webdriver session query function in Zabbix, which can lead to a null pointer dereference. This can cause a denial of service (DoS) when the function fails without providing an error description, resulting in a crash when trying to read from a null error object. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-690CWE-476

Related Identifiers

ALT-PU-2024-16527

ALT-PU-2024-16638

BDU:2024-11321

CVE-2024-42329

Affected Products

Alt Linux

Red Os

Zabbix

PT-2024-9609 · Zabbix+2 · Zabbix+2

CVE-2024-42329

Weakness Enumeration

Related Identifiers

Affected Products

References · 16