Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2017-2826

An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.5%
CVSS Severity
CVSS v3 Score 3.7
CVSS v2 Score 4.3
Products affected by CVE-2017-2826
  • Zabbix » Zabbix » Version: 2.4.0
    cpe:2.3:a:zabbix:zabbix:2.4.0
  • Zabbix » Zabbix » Version: 2.4.1
    cpe:2.3:a:zabbix:zabbix:2.4.1
  • Zabbix » Zabbix » Version: 2.4.2
    cpe:2.3:a:zabbix:zabbix:2.4.2
  • Zabbix » Zabbix » Version: 2.4.3
    cpe:2.3:a:zabbix:zabbix:2.4.3
  • Zabbix » Zabbix » Version: 2.4.4
    cpe:2.3:a:zabbix:zabbix:2.4.4
  • Zabbix » Zabbix » Version: 2.4.5
    cpe:2.3:a:zabbix:zabbix:2.4.5
  • Zabbix » Zabbix » Version: 2.4.6
    cpe:2.3:a:zabbix:zabbix:2.4.6
  • Zabbix » Zabbix » Version: 2.4.7
    cpe:2.3:a:zabbix:zabbix:2.4.7
  • Zabbix » Zabbix » Version: 2.4.8
    cpe:2.3:a:zabbix:zabbix:2.4.8
  • Zabbix » Zabbix » Version: 2.4.9
    cpe:2.3:a:zabbix:zabbix:2.4.9
  • Debian » Debian Linux » Version: 8.0
    cpe:2.3:o:debian:debian_linux:8.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved