Unrated severityNVD Advisory· Published Dec 14, 2013· Updated Apr 29, 2026
CVE-2013-1364
CVE-2013-1364
Description
The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc1 allows remote attackers to override LDAP configuration via the cnf parameter.
Affected products
6cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*range: <=1.8.15
- cpe:2.3:a:zabbix:zabbix:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- secunia.com/advisories/55824nvdVendor Advisory
- www.zabbix.com/rn1.8.16.phpnvdVendor Advisory
- www.zabbix.com/rn2.0.5rc1.phpnvdVendor Advisory
- security.gentoo.org/glsa/glsa-201311-15.xmlnvd
- www.securityfocus.com/bid/57471nvd
- support.zabbix.com/browse/ZBX-6097nvd
News mentions
0No linked articles in our index yet.