CVE-2020-11800
published 2020-10-07CVE-2020-11800: Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | zabbix | < zabbix 1:4.0.0+dfsg-1 (bookworm) | zabbix 1:4.0.0+dfsg-1 (bookworm) |
| opensuse | backports_sle | — | — |
| opensuse | leap | — | — |
| opensuse | leap | — | — |
| zabbix | zabbix | — | — |
| zabbix | zabbix | >= 0 < 1:4.0.0+dfsg-1 | 1:4.0.0+dfsg-1 |
| zabbix | zabbix | >= 0 < 1:4.0.0+dfsg-1 | 1:4.0.0+dfsg-1 |
| zabbix | zabbix | >= 0 < 1:4.0.0+dfsg-1 | 1:4.0.0+dfsg-1 |
| zabbix | zabbix | >= 0 < 1:4.0.0+dfsg-1 | 1:4.0.0+dfsg-1 |
| zabbix | zabbix | >= 0 < 1:2.2.2+dfsg-1ubuntu1+esm4 | 1:2.2.2+dfsg-1ubuntu1+esm4 |
| zabbix | zabbix | >= 0 < 1:2.4.7+dfsg-2ubuntu2.1+esm3 | 1:2.4.7+dfsg-2ubuntu2.1+esm3 |
| zabbix | zabbix | >= 0 < 1:3.0.12+dfsg-1ubuntu0.1~esm3 | 1:3.0.12+dfsg-1ubuntu0.1~esm3 |
| zabbix | zabbix | >= 0 < 1:4.0.17+dfsg-1ubuntu0.1~esm1 | 1:4.0.17+dfsg-1ubuntu0.1~esm1 |
| zabbix | zabbix | >= 2.2.0 < 3.0.31 | 3.0.31 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL