Unrated severityNVD Advisory· Published Jul 13, 2023· Updated Nov 3, 2025

Unauthorized limited filesystem access from preprocessing

CVE-2023-29450

Description

JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Zabbix/Zabbixllm-fuzzy2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: 5.0
osv-coords2 versions
pkg:rpm/suse/zabbix&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/zabbix&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
< 4.0.12-4.24.1+ 1 more
- (no CPE)range: < 4.0.12-4.24.1
- (no CPE)range: < 4.0.12-4.24.1

Patches

Vulnerability mechanics

References

lists.debian.org/debian-lts-announce/2023/08/msg00027.htmlmitre
support.zabbix.com/browse/ZBX-22588mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000