From 4737ac01fe8946ce5eaf21048024b224a7437899 Mon Sep 17 00:00:00 2001
From: CharlesRN <125233614+CharlesRN@users.noreply.github.com>
Date: Tue, 3 Sep 2024 12:40:59 +0800
Subject: [PATCH] Zabbix Server Advisory
---
...001-Zabbix-Code-Execution Vulnerability.md | 24 +++++++++++++++++++
1 file changed, 24 insertions(+)
create mode 100644 docs/advisories/20240903001-Zabbix-Code-Execution Vulnerability.md
diff --git a/docs/advisories/20240903001-Zabbix-Code-Execution Vulnerability.md b/docs/advisories/20240903001-Zabbix-Code-Execution Vulnerability.md
new file mode 100644
index 00000000..f533e0cc
--- /dev/null
+++ b/docs/advisories/20240903001-Zabbix-Code-Execution Vulnerability.md
@@ -0,0 +1,24 @@
+# Zabbix Server Critical Vulnerability - 20240903001
+
+## Overview
+
+The WA SOC has been made aware of vulnerability discovered in Zabbix Server that allows attackers with restrited administrative permissions to execute arbitrary code.
+The flaw, identified in the Ping script execution within the Monitoring Hosts section, could compromise the infrastructure.
+
+
+
+## What is vulnerable?
+
+| Product(s) Affected | Version(s) | CVE # | CVSS v4/v3 | Severity |
+| -------------------------- | -------------------------------------------------------------------------------- | ----------------------------------------------------------------- | ---------- | -------- |
+| Zabbix Server| Zabbix Server versions 6.4.0 to 6.4.15
Zabbix Server versions 7.0.0alpha1 to 7.0.0rc2
| [CVE-2024-22116](https://nvd.nist.gov/vuln/detail/CVE-2024-22116) | 9.9 | Critical |
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- Zabbix Bugs and Issues: