CNNVD-202512-106 Information
Dec 01, 2025
cve
CNNVD ID
CNNVD-202512-106
Related CVE
- CNNVD Published: 2025-12-01
Description (Chinese)
Zabbix是Zabbix公司的一套开源的监控系统。该系统支持网络监控、服务器监控、云监控和应用监控等。 Zabbix存在安全漏洞,该漏洞源于经过身份验证的超级管理员可利用oauth.authorize操作读取任意文件,可能导致信息泄露。
Description (English)
Zabbix is an open-source monitoring system for Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring, etc. There is a security loophole in Zabbix, which stems from the fact that an identified superman can access any document by using aauth.authorize, which could lead to a leak of information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Zabbix
Published
2025-12-01
Last Modified
2026-02-24
References
https://support.zabbix.com/browse/ZBX-27282
Patch
https://www.zabbix.com/download
Share on: