Source: zabbix
Version: 1:7.0.10+dfsg-2
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerabilities were published for zabbix.

CVE-2025-49641[0]:
| A regular Zabbix user with no permission to the Monitoring ->
| Problems view is still able to call the problem.view.refresh action
| and therefore still retrieve a list of active problems.

CVE-2025-27238[1]:
| Due to a bug in Zabbix API, the hostprototype.get method lists all
| host prototypes to users that do not have any user groups assigned
| to them.

CVE-2025-27236[2]:
| A regular Zabbix user can search other users in their user group via
| Zabbix API by select fields the user does not have access to view.
| This allows data-mining some field values the user does not have
| access to.

CVE-2025-27233[3]:
| Zabbix Agent 2 smartctl plugin does not properly sanitize
| smart.disk.get parameters, allowing an attacker to inject unexpected
| arguments into the smartctl command. This can be used to leak the
| NTLMv2 hash from a Windows system.

CVE-2025-27231[4]:
| The LDAP 'Bind password' value cannot be read after saving, but a
| Super Admin account can leak it by changing LDAP 'Host' to a rogue
| LDAP server. To mitigate this, the 'Bind password' value is now
| reset on 'Host' change.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-49641
    https://www.cve.org/CVERecord?id=CVE-2025-49641
[1] https://security-tracker.debian.org/tracker/CVE-2025-27238
    https://www.cve.org/CVERecord?id=CVE-2025-27238
[2] https://security-tracker.debian.org/tracker/CVE-2025-27236
    https://www.cve.org/CVERecord?id=CVE-2025-27236
[3] https://security-tracker.debian.org/tracker/CVE-2025-27233
    https://www.cve.org/CVERecord?id=CVE-2025-27233
[4] https://security-tracker.debian.org/tracker/CVE-2025-27231
    https://www.cve.org/CVERecord?id=CVE-2025-27231

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
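The CVE-2025-27233 entry above describes an argument-injection bug: item parameters reach the smartctl command line without being checked, so a parameter value can be read by smartctl as an option. The Go snippet below is an added, illustrative example of the kind of parameter validation that closes that class of bug; it is not Zabbix's code and not the upstream fix. The function names (ValidateDevice, ValidateType, BuildArgs), the device allow-list and the device-type allow-list are assumptions chosen for the example, as is the use of "--" to end option parsing (standard getopt behaviour, assumed to hold for smartctl). The block only builds the argv; it does not run smartctl, so it works offline.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Hypothetical validation layer for a smartctl wrapper (example code, not
// Zabbix Agent 2). The point: a user-controlled parameter must never be able
// to become a smartctl option, so every value is checked against an
// allow-list before it is placed on the command line.

// Assumed allow-list for the device parameter: an absolute /dev path made of
// safe characters only. Because it must start with "/dev/", a value such as
// "-d" or "--log=..." can never match.
var devicePattern = regexp.MustCompile(`^/dev/[A-Za-z0-9_./-]+$`)

// Assumed allow-list of device types accepted for "-d". Anything else is
// rejected rather than forwarded.
var allowedTypes = map[string]bool{"ata": true, "sat": true, "scsi": true, "nvme": true}

var (
	ErrOptionLike = errors.New("parameter looks like a command-line option")
	ErrBadDevice  = errors.New("device must be an absolute /dev path")
	ErrBadType    = errors.New("device type not in allow-list")
)

// ValidateDevice rejects option-like values, path traversal and anything that
// does not match the device allow-list.
func ValidateDevice(dev string) error {
	if strings.HasPrefix(dev, "-") {
		return ErrOptionLike
	}
	if strings.Contains(dev, "..") || !devicePattern.MatchString(dev) {
		return ErrBadDevice
	}
	return nil
}

// ValidateType accepts only the listed device types.
func ValidateType(t string) error {
	if strings.HasPrefix(t, "-") {
		return ErrOptionLike
	}
	if !allowedTypes[t] {
		return ErrBadType
	}
	return nil
}

// BuildArgs returns the argv that would be handed to exec.Command("smartctl",
// args...) (never to a shell). Fixed options come first; "--" ends option
// parsing (assumed getopt behaviour) so the device is always a positional
// argument, even if the validation above were ever loosened.
func BuildArgs(dev, devType string) ([]string, error) {
	if err := ValidateDevice(dev); err != nil {
		return nil, err
	}
	args := []string{"-a", "-j"}
	if devType != "" {
		if err := ValidateType(devType); err != nil {
			return nil, err
		}
		args = append(args, "-d", devType)
	}
	return append(args, "--", dev), nil
}

func main() {
	// Constructed inputs: one valid request and three that must be refused.
	for _, in := range [][2]string{
		{"/dev/sda", "sat"},
		{"-d", ""},            // option-like device parameter
		{"/dev/sda", "--foo"}, // option-like type parameter
		{"/dev/../etc/x", ""}, // traversal inside the /dev prefix
	} {
		args, err := BuildArgs(in[0], in[1])
		if err != nil {
			fmt.Printf("rejected %q/%q: %v\n", in[0], in[1], err)
			continue
		}
		fmt.Printf("smartctl %s\n", strings.Join(args, " "))
	}
}
```

The two layers are deliberate: the allow-list decides what a parameter may look like, and the "--" separator makes sure that whatever passes can only ever be a positional argument to smartctl.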

