CVE-2024-36466 | Zabbix up to 6.0.31/6.4.16/7.0.0 Cookie zbx_session authentication spoofing

Posted by Angelo Barbosa | Nov 28, 2024 | CVE

A vulnerability was found in Zabbix up to 6.0.31/6.4.16/7.0.0 and classified as critical. Affected by this issue is some unknown functionality of the component Cookie Handler. The manipulation of the argument zbx_session leads to authentication bypass by spoofing.

This vulnerability is handled as CVE-2024-36466. The attack may be launched remotely. There is no exploit available.

CVE-2024-36466 | Zabbix up to 6.0.31/6.4.16/7.0.0 Cookie zbx_session authentication spoofing

Related Posts

CVE-2024-7858 | Media Library Folders Plugin up to 8.2.3 on WordPress authorization

VDB-254692 | Microsoft Windows Defender access control

CVE-2023-50926 | Contiki-NG up to 4.9 length out-of-bounds (GHSA-jp4p-fq85-jch2)

CVE-2024-45962 | October CMS up to 3.6.30 PDF File cross site scripting