CVE-2021-27927 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Authentication bypass
Description	In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection mechanism. In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerModuleScan view lacks a CSRF protection mechanism. In both cases, the code calls diableSIDValidation inside the init() method. An attacker doesn't have to know Zabbix user login credentials, but has to know the correct Zabbix URL and contact information of an existing user with sufficient privileges.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1771	zabbix-frontend-php	5.2.5-1	5.2.6-1	Medium	Fixed

References
https://support.zabbix.com/browse/ZBX-18942 https://support.zabbix.com/browse/DEV-1794 https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/d039aaea56a98486e3b02433d581b4140fbf6fea https://support.zabbix.com/browse/ZBX-19150 https://support.zabbix.com/browse/DEV-1853 https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/ee6a7de015922121ecf33b856c210e12e9aa84f2

References

https://support.zabbix.com/browse/ZBX-18942
https://support.zabbix.com/browse/DEV-1794
https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/d039aaea56a98486e3b02433d581b4140fbf6fea
https://support.zabbix.com/browse/ZBX-19150
https://support.zabbix.com/browse/DEV-1853
https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/ee6a7de015922121ecf33b856c210e12e9aa84f2