Unrated severityNVD Advisory· Published Nov 28, 2024· Updated Dec 4, 2024
Unauthenticated Zabbix frontend takeover when SSO is being used
CVE-2024-36466
Description
A bug in the code allows an attacker to sign a forged zbx_session cookie, which then allows them to sign in with admin permissions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.