CVE-2023-32727

NameCVE-2023-32727
DescriptionAn attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3909-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
zabbix (PTS)jessie, jessie (lts)1:2.2.23+dfsg-0+deb8u9fixed
stretch (security)1:3.0.32+dfsg-0+deb9u3fixed
stretch (lts), stretch1:3.0.32+dfsg-0+deb9u8fixed
buster (security), buster, buster (lts)1:4.0.4+dfsg-1+deb10u5fixed
bullseye1:5.0.8+dfsg-1vulnerable
bullseye (security)1:5.0.45+dfsg-1+deb11u1fixed
bookworm1:6.0.14+dfsg-1vulnerable
sid, trixie1:7.0.6+dfsg-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
zabbixsourcejessie(not affected)
zabbixsourcestretch(not affected)
zabbixsourcebuster(not affected)
zabbixsourcebullseye1:5.0.44+dfsg-1+deb11u1DLA-3909-1
zabbixsource(unstable)1:6.0.23+dfsg-1

Notes

[buster] - zabbix <not-affected> (Vulnerable code introduced later)
https://support.zabbix.com/browse/ZBX-23857
https://github.com/zabbix/zabbix/commit/93e090592fc6de7ec5d3d42c1bb9074ad1f3ba34 (6.0.23rc1)
https://github.com/zabbix/zabbix/commit/610f9fdbb86667f4094972547deb936c6cdfc6d5 (6.0.23rc1)
introduced in https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/57abe5a1f2c208d05cc59029026098c2f13ed464 (4.4.0alpha3)
[stretch] - zabbix <not-affected> (Vulnerable code introduced later)
[jessie] - zabbix <not-affected> (Vulnerable code introduced later)

Search for package or bug name: Reporting problems