cvedb.io
CVE-2017-2826
LOW · CVSS 3.7
EPSS exploitation probability: 0%
Published 2018-04-09T20:29:00.217 · Last modified 2026-06-17T01:16:56.533

Summary

An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.

Affected products

zabbix — zabbix

Does this affect you?

Add your gear to cvedb and we'll alert you only when zabbix ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.