Zabbix Server Advisory

wagov · Sep 3, 2024 · 4737ac0 · 4737ac0
1 parent 1b44bb8
commit 4737ac0
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/docs/advisories/20240903001-Zabbix-Code-Execution Vulnerability.md b/docs/advisories/20240903001-Zabbix-Code-Execution Vulnerability.md
@@ -0,0 +1,24 @@
+# Zabbix Server Critical Vulnerability - 20240903001
+
+## Overview
+
+The WA SOC has been made aware of vulnerability discovered in Zabbix Server that allows attackers with restrited administrative permissions to execute arbitrary code. 
+The flaw, identified in the Ping script execution within the Monitoring Hosts section, could compromise the infrastructure.
+
+
+
+## What is vulnerable?
+
+| Product(s) Affected        | Version(s)                                                                       | CVE #                                                             | CVSS v4/v3 | Severity |
+| -------------------------- | -------------------------------------------------------------------------------- | ----------------------------------------------------------------- | ---------- | -------- |
+| Zabbix Server| Zabbix Server versions 6.4.0 to 6.4.15<br>Zabbix Server versions 7.0.0alpha1 to 7.0.0rc2 <br>  | [CVE-2024-22116](https://nvd.nist.gov/vuln/detail/CVE-2024-22116) | 9.9        | Critical |
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- Zabbix Bugs and Issues: <https://support.zabbix.com/browse/ZBX-25016>