Vulnerability
Zabbix is an open-source monitoring software tool that can be used to monitor a variety of IT components such as networks, servers, virtual machines, and cloud services.In zabbix.php?action=dashboard.view&dashboardid=1, an error was discovered through version 4.4 of Zabbix. An attacker can access the dashboard page without login credentials, and then can create a dashboard, report, screen, or map anonymously. Other users and an admin have access to all created elements (Dashboard/Report/Screen/Map).
Mitigation / Precaution
- We suggest you update Zabbix to a version greater than 4.4 in order to fix this vulnerability.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
