Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-42325

Zabbix API user.get returns all users that share common group with the calling user. This includes media and other information, such as login attempts, etc.

Published

2025-04-02T07:15:41.240

Last Modified

2025-11-03T20:16:28.087

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 3.5 (LOW)

Weaknesses

Type: Secondary
CWE-359

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	zabbix	zabbix	< 5.0.46	Yes
Application	zabbix	zabbix	< 6.0.38	Yes
Application	zabbix	zabbix	< 7.0.9	Yes
Application	zabbix	zabbix	< 7.2.3	Yes

References

https://support.zabbix.com/browse/ZBX-26258 Vendor Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2025/04/msg00027.html (af854a3a-2127-422b-91ae-364da2661108)