Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-36464

When exporting media types, the password is exported in the YAML in plain text. This appears to be a best practices type issue and may have no actual impact. The user would need to have permissions to access the media types and therefore would be expected to have access to these passwords.

Published

2024-11-27T14:15:17.830

Last Modified

2025-11-03T22:16:58.307

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 2.7 (LOW)

Weaknesses

Type: Secondary
CWE-256

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	zabbix	zabbix	< 6.0.30	Yes
Application	zabbix	zabbix	< 6.4.15	Yes

References

https://support.zabbix.com/browse/ZBX-25630 Vendor Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2024/12/msg00005.html (af854a3a-2127-422b-91ae-364da2661108)