What is CVE-2019-17382?

CVE-2019-17382 is a vulnerability in N/a. Published 2019-10-09.

Is CVE-2019-17382 known to be exploited?

18 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-17382

An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/…

EPSS: 0.937 (99.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

K3ysTr0K3R/CVE-2019-17382-EXPLOIT
20142995/nuclei-templates
20142995/sectool
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
Elsfa7-110/kenzer-templates
K3ysTr0K3R/K3ysTr0K3R
StarCrossPortal/scalpel
anonymous364872/Rapier_
apif-review/APIF_

References

www.exploit-db.com/exploits/47467
[debian-lts-announce] 20230822 [SECURITY] [DLA 3538-1] zabbix security update (mailing-list)

Frequently asked questions

What is CVE-2019-17382?: CVE-2019-17382 is a vulnerability in N/a. Published 2019-10-09.
Is CVE-2019-17382 known to be exploited?: 18 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.