CNNVD-202510-516 Information
CNNVD ID
CNNVD-202510-516
Related CVE
- CNNVD Published: 2025-10-03
Description (Chinese)
Zabbix是Zabbix公司的一套开源的监控系统。该系统支持网络监控、服务器监控、云监控和应用监控等。 Zabbix存在安全漏洞,该漏洞源于用户可通过Zabbix API搜索用户组中其他用户并选择无访问权限的字段,可能导致数据挖掘。
Description (English)
Zabbix is an open-source monitoring system for Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring, etc. There is a security loophole in Zabbix, which stems from the fact that users can search other users in the user group through Zabbix API and choose fields without access, which may lead to data mining.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Zabbix
Published
2025-10-03
Last Modified
2026-02-24
References
https://support.zabbix.com/browse/ZBX-27060 https://access.redhat.com/security/cve/cve-2025-27236 https://vigilance.fr/vulnerability/Zabbix-information-disclosure-via-api-jsonrpc-php-48383
Patch
https://support.zabbix.com/browse/ZBX-27060
Share on: