XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.
Advisories
Source ID Title
EUVD EUVD EUVD-2014-3027 XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.
Ubuntu USN Ubuntu USN USN-4767-1 Zabbix vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-06T10:28:46.259Z

Reserved: 2014-04-25T00:00:00

Link: CVE-2014-3005

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-02-01T17:29:00.463

Modified: 2024-11-21T02:07:18.917

Link: CVE-2014-3005

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.