CVE-2013-1364
EPSS 0.44%
Description
The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc1 allows remote attackers to override LDAP configuration via the cnf parameter.
How to fix CVE-2013-1364
To remediate CVE-2013-1364, upgrade the affected package to a fixed version below.
- Debian/zabbix—upgrade to 1:2.0.4+dfsg-2 or later
Is CVE-2013-1364 being exploited?
Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1:2.0.4+dfsg-2