ID:3697 - Exploit for Permissions, Privileges, and Access Controls - CVE-2013-5572

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:3697 - Exploit for Permissions, Privileges, and Access Controls - CVE-2013-5572

ID:3697 - Exploit for Permissions, Privileges, and Access Controls - CVE-2013-5572

Published: August 4, 2020


Vulnerability identifier: #VU33097
Vulnerability risk: Low
CVE-ID: CVE-2013-5572
CWE-ID: CWE-264
Exploitation vector: Remote access
Vulnerable software:

Link to public exploit:


Vulnerability description

The vulnerability allows a remote #AU# to gain access to sensitive information.

Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code.


Remediation

Install update from vendor's website.