CNNVD-202510-517 Information
CNNVD ID
CNNVD-202510-517
Related CVE
- CNNVD Published: 2025-10-03
Description (Chinese)
Zabbix是Zabbix公司的一套开源的监控系统。该系统支持网络监控、服务器监控、云监控和应用监控等。 Zabbix存在安全漏洞,该漏洞源于超级管理员账户可通过更改LDAP主机为恶意LDAP服务器泄露绑定密码,可能导致凭据泄露。
Description (English)
Zabbix is an open-source monitoring system for Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring, etc. There was a security loophole in Zabbix, which stemmed from the fact that the Super Administrator ’ s account could be leaked by changing the LDAP mainframe to the malicious LDAP server, which could lead to the disclosure of evidence.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Zabbix
Published
2025-10-03
Last Modified
2026-02-24
References
https://support.zabbix.com/browse/ZBX-27062 https://access.redhat.com/security/cve/cve-2025-27231 https://vigilance.fr/vulnerability/Zabbix-information-disclosure-via-LDAP-Host-Bind-Password-48386
Patch
https://support.zabbix.com/browse/ZBX-27062
Share on: