216.73.217.80

CVE-2025-27236

· Published 03/10/2025 12:15 · Modified 03/10/2025 12:15

Labels: CVE-2025-27236 2025-10-03CVE-2025-27236CWE-863[email protected]

Essential information

Published
03/10/2025 12:15
Modified
03/10/2025 12:15
Author
Creator
CVSS
2.1 LOW (v3) 2.1 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
zabbix / zabbix cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*

References