CVE-2024-36468 - Vulnerability Details - OpenCVE

The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Zabbix	Zabbix

Configuration 1 [-]

cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://support.zabbix.com/browse/ZBX-25621

History

Wed, 08 Oct 2025 16:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:zabbix:zabbix::::::::

Wed, 27 Nov 2024 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 27 Nov 2024 12:15:00 +0000

Type	Values Removed	Values Added
Description		The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking.
Title		Stack buffer overflow in zbx_snmp_cache_handle_engineid
Weaknesses		CWE-121
References		https://support.zabbix.com/browse/ZBX-25621
Metrics		cvssV3_1 `{'score': 3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: Zabbix

Published: 2024-11-27T12:03:07.626Z

Updated: 2024-11-27T14:57:32.411Z

Reserved: 2024-05-28T11:21:24.947Z

Link: CVE-2024-36468

Vulnrichment

Updated: 2024-11-27T14:57:29.301Z

NVD

Status : Analyzed

Published: 2024-11-27T12:15:20.383

Modified: 2025-10-08T16:22:08.123

Link: CVE-2024-36468

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-36468", "assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "state": "PUBLISHED", "assignerShortName": "Zabbix", "dateReserved": "2024-05-28T11:21:24.947Z", "datePublished": "2024-11-27T12:03:07.626Z", "dateUpdated": "2024-11-27T14:57:32.411Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Proxy", "Server"], "product": "Zabbix", "repo": "https://git.zabbix.com/", "vendor": "Zabbix", "versions": [{"changes": [{"at": "7.0.3rc1", "status": "unaffected"}], "lessThanOrEqual": "7.0.2rc1", "status": "affected", "version": "7.0.0", "versionType": "git"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Zabbix wants to thank chamal for submitting this report on the HackerOne bug bounty platform"}], "datePublic": "2024-09-12T12:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking."}], "value": "The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking."}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "shortName": "Zabbix", "dateUpdated": "2024-11-27T12:03:07.626Z"}, "references": [{"url": "https://support.zabbix.com/browse/ZBX-25621"}], "source": {"discovery": "EXTERNAL"}, "title": "Stack buffer overflow in zbx_snmp_cache_handle_engineid", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-27T14:57:25.702787Z", "id": "CVE-2024-36468", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-27T14:57:32.411Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-36468", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-27T14:57:25.702787Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-27T14:57:29.301Z"}}], "cna": {"title": "Stack buffer overflow in zbx_snmp_cache_handle_engineid", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Zabbix wants to thank chamal for submitting this report on the HackerOne bug bounty platform"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 3, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://git.zabbix.com/", "vendor": "Zabbix", "modules": ["Proxy", "Server"], "product": "Zabbix", "versions": [{"status": "affected", "changes": [{"at": "7.0.3rc1", "status": "unaffected"}], "version": "7.0.0", "versionType": "git", "lessThanOrEqual": "7.0.2rc1"}], "defaultStatus": "unaffected"}], "datePublic": "2024-09-12T12:30:00.000Z", "references": [{"url": "https://support.zabbix.com/browse/ZBX-25621"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking.", "supportingMedia": [{"type": "text/html", "value": "The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "shortName": "Zabbix", "dateUpdated": "2024-11-27T12:03:07.626Z"}}}, "cveMetadata": {"cveId": "CVE-2024-36468", "state": "PUBLISHED", "dateUpdated": "2024-11-27T14:57:32.411Z", "dateReserved": "2024-05-28T11:21:24.947Z", "assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "datePublished": "2024-11-27T12:03:07.626Z", "assignerShortName": "Zabbix"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1F679BD-7DB5-4B97-8644-C7240727CBF9", "versionEndExcluding": "7.0.3", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking."}, {"lang": "es", "value": "La vulnerabilidad informada es un desbordamiento del b\u00fafer de pila en la funci\u00f3n zbx_snmp_cache_handle_engineid dentro del c\u00f3digo del servidor/proxy Zabbix. Este problema ocurre al copiar datos de session->securityEngineID a local_record.engineid sin la verificaci\u00f3n de los l\u00edmites adecuada."}], "id": "CVE-2024-36468", "lastModified": "2025-10-08T16:22:08.123", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.0, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 1.4, "source": "security@zabbix.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-11-27T12:15:20.383", "references": [{"source": "security@zabbix.com", "tags": ["Vendor Advisory"], "url": "https://support.zabbix.com/browse/ZBX-25621"}], "sourceIdentifier": "security@zabbix.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "security@zabbix.com", "type": "Secondary"}]}