Bug 2251873 (CVE-2023-32724)

Summary: CVE-2023-32724 zabbix: JS engine memory pointers are directly available for Zabbix users for modification
Product: [Other] Security Response Reporter: Marian Rehak <mrehak>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2251874    
Bug Blocks:    

Description Marian Rehak 2023-11-28 06:35:18 UTC 
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation.The overall impact is not limited by the limitation bypass and allows users with access to a single item configuration (limited role) to compromise the whole infrastructure of the monitoring solution by remote code execution.

Reference:

https://support.zabbix.com/browse/ZBX-23391
Comment 1 Marian Rehak 2023-11-28 06:35:32 UTC 
Created zabbix tracking bugs for this issue:

Affects: fedora-all [bug 2251874]