#CVE202442327

Critical Vulnerability Found in Zabbix Network Monitoring Tool

December 2, 2024 by Xynik

December 2, 2024 at 07:25AM Zabbix has announced a critical vulnerability (CVE-2024-42327) in its monitoring solution, allowing SQL injection attacks through API access for non-admin users. Affected versions include 6.0.0 to 6.0.31, 6.4.0 to 6.4.16, and 7.0.0. Patches are available in recent releases. Users are urged to update promptly. ### Meeting Takeaways on Zabbix Vulnerabilities … Read more

Zabbix urges upgrades after critical SQL injection bug disclosure

November 29, 2024 by Xynik

November 29, 2024 at 12:50PM Zabbix has alerted customers to a critical SQL injection vulnerability (CVE-2024-42327) that could allow system compromise via API access. Affected versions include 6.0.0-6.0.31, 6.4.0-6.4.16, and 7.0.0. Users should upgrade to protect against potential privilege escalation attacks, as the vulnerability poses risks across many industries. **Meeting Takeaways:** 1. **Critical Vulnerability Alert**: … Read more