
Zenoss < 4.2.5 Multiple Vulnerabilities



The remote server hosting Zenoss Core is running an outdated and vulnerable version.


Versions of Zenoss prior to 4.2.5 are unpatched and potentially affected by multiple vulnerabilities:

- A cross-site request forgery that could be used to trick a user into changing their password. (ZEN-12653)

- A stored cross-site scripting vulnerability on pages which display device names and details. (ZEN-15381)

- Multiple information-disclosure vulnerabilities due to the stack trace returning sensitive information when renaming a product with special characters. (ZEN-15382)

- An open redirect vulnerability exposed in the login form. (ZEN-11998)

- A remote code execution vulnerability which can occur via Version Check. (ZEN-12657)

- An authorization bypass allowing an attacker to move or execute files on the server remotely. (ZEN-15386)

- A cross-site request forgery which leads to ZenPack installation at the time of server boot. (ZEN-15388)

- Login sessions to Zenoss do not expire. (ZEN-12691)

- An information disclosure permitting unprivileged users to list all users of Zenoss. (ZEN-15389)

- Multiple logon vulnerabilities due to insecure password hashing, low complexity requirements, and plaintext credential storage on the server. (ZEN-15413, ZEN-15406, ZEN-15416, ZEN-10148)

- An authorization bypass in the Zope web platform, reachable as web endpoints through numerous helper methods. (ZEN-15407)

- Unnecessarily exposed services in the default Zenoss configuration. (ZEN-15408)

- Several stored and reflected cross-site scripting vulnerabilities due to the way data is displayed on asset detail pages. (ZEN-15410)

- A denial of service vulnerability on a publicly accessible endpoint of Zenoss that allows specifying an exhaustive regex, which could render the application inaccessible. (ZEN-15411)

- The Page Command for sysadmins in Zenoss can be edited without password re-entry. (ZEN-15412)

- A "Billion Laughs" denial of service vulnerability which can result in remote code execution. (ZEN-15414, ZEN-15415)


Upgrade to Zenoss Core 4.2.5 or later.
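The whole finding reduces to one check: is the installed Zenoss Core version lower than 4.2.5? The following is an added example of how an inventory script could perform that comparison across a fleet; it is not code from this page or from Zenoss. It assumes version strings of the form `major.minor.patch` (with an optional trailing build suffix) and uses constructed sample banners, so the exact banner text is an assumption, not something the page states.

```python
import re
from typing import Dict, List, Optional, Tuple

# Version in which the issues listed above were fixed (from the advisory).
FIXED_VERSION: Tuple[int, int, int] = (4, 2, 5)

# Matches "4.2.4", "4.2", or a version embedded in a longer banner string.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Extract a (major, minor, patch) tuple from a version or banner string.

    A missing patch component is treated as 0 (so "4.2" becomes (4, 2, 0)).
    Returns None when no dotted version is present, so callers can distinguish
    "unknown" from "not vulnerable" rather than silently passing the host.
    """
    match = _VERSION_RE.search(text)
    if match is None:
        return None
    major, minor, patch = match.groups()
    return (int(major), int(minor), int(patch) if patch is not None else 0)


def is_vulnerable(version_text: str) -> bool:
    """True when the version is strictly below the fixed release 4.2.5.

    Comparing integer tuples avoids the classic string-comparison bug where
    "4.2.10" would sort below "4.2.5".
    """
    parsed = parse_version(version_text)
    if parsed is None:
        raise ValueError(f"no version found in {version_text!r}")
    return parsed < FIXED_VERSION


def audit(hosts: Dict[str, str]) -> List[str]:
    """Return the sorted list of hosts whose Zenoss version is below 4.2.5.

    Hosts whose banner carries no parseable version are reported as
    vulnerable as well: an unknown version is not evidence of a patched one.
    """
    flagged = []
    for host, banner in hosts.items():
        parsed = parse_version(banner)
        if parsed is None or parsed < FIXED_VERSION:
            flagged.append(host)
    return sorted(flagged)


# Constructed sample inventory (hostnames and banners are made up for the example).
SAMPLE_HOSTS: Dict[str, str] = {
    "zenoss-prod-1": "Zenoss Core 4.2.4 (build 1897)",
    "zenoss-prod-2": "Zenoss Core 4.2.5",
    "zenoss-lab": "Zenoss Core 4.2",
    "zenoss-new": "Zenoss Core 5.0.0",
    "zenoss-mystery": "Zenoss Core",
}

if __name__ == "__main__":
    for host in audit(SAMPLE_HOSTS):
        print(f"{host}: upgrade to Zenoss Core 4.2.5 or later")
```

The audit deliberately flags hosts whose banner yields no version at all; a scanner that only reports confirmed-old versions will quietly miss hosts that hide or mangle their version string.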