Detections
Analytics
Zabbix < 1.8.18 / 2.0.9 Multiple SQL Injection Vulnerabilities
medium Nessus Network Monitor Plugin ID 8049
Synopsis
The remote host is running a web application that is vulnerable to a SQL-injection attack.Description
The remote host is running Zabbix, an IT monitoring service. Versions of Zabbix earlier than 1.8.18 or 2.0.9 are contain a number of SQL injection vulnerabilities via the API and web front end. The following API methods are reported to be vulnerable:- alert.get: time_from, time_till;
- event.get: object, source, eventid_from, eventid_till;
- graphitem.get: parameter: type;
- graph.get: parameter: type;
- graphprototype.get: parameter: type;
- history.get: parameter: time_from, time_till;
- trigger.get: parameter: lastChangeSince, lastChangeTill, min_severity;
- triggerprototype.get: parameter: min_severity;
- usergroup.get: parameter: status
Other pages vulnerable to SQL injection include the "Dashboard", "Graphs", "Maps", "Latest data" and "Screens" pages in the "Monitoring" section. Successful attacks allow an attacker to gain access to the database and execute arbitrary SQL statements.
Solution
Upgrade to Zabbix 2.0.9 / 1.8.18 or later. Additionally, patches are available for versions 2.0.8 / 1.8.17 / 1.8.2.See Also
http://packetstormsecurity.com/files/123511/Zabbix-2.0.8-SQL-Injection.html
Plugin Details
Severity: Medium
ID: 8049
Family: Generic
Published: 11/12/2010
Updated: 3/6/2019
Nessus ID: 70497
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: Medium
Base Score: 5.6
Temporal Score: 5.4
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:zabbix:zabbix
Patch Publication Date: 10/2/2013
Vulnerability Publication Date: 10/2/2013
Exploitable With
Metasploit (linux/http/zabbix_sqli.rbcpe=cpe:/a:zabbix:zabbix)
Reference Information
CVE: CVE-2013-5743
BID: 62794