CVE-2024-36463
📋 TL;DR
This vulnerability in Zabbix's JavaScript implementation allows attackers to manipulate the atob function to create arbitrary strings and access internal object properties. This affects Zabbix web frontend users who can execute JavaScript in their browser. The vulnerability could lead to information disclosure or privilege escalation.
💻 Affected Systems
- Zabbix
📦 What is this software?
Zabbix by Zabbix
⚠️ Risk & Real-World Impact
Worst Case
Attackers could access sensitive internal object properties, potentially leading to privilege escalation, data exfiltration, or remote code execution through chained vulnerabilities.
Likely Case
Information disclosure of internal object properties, which could reveal sensitive configuration data or enable further exploitation.
If Mitigated
Limited impact with proper input validation and output encoding in place, potentially only revealing non-sensitive internal data.
🎯 Exploit Status
Exploitation requires JavaScript execution in the victim's browser context, typically through XSS or user interaction with malicious content.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Zabbix 7.0.0beta3 and later
Vendor Advisory: https://support.zabbix.com/browse/ZBX-25611
Restart Required: Yes
Instructions:
1. Download Zabbix 7.0.0beta3 or later from official sources.
2. Follow Zabbix upgrade documentation for your specific deployment.
3. Restart Zabbix server and frontend services.
4. Verify the upgrade completed successfully.
🔧 Temporary Workarounds
Disable JavaScript in Zabbix Frontend
Temporarily disable JavaScript execution in the Zabbix web interface to prevent exploitation
Not applicable - configuration change in web server or browser settings
Restrict Access to Zabbix Frontend
Limit Zabbix web interface access to trusted networks only
Configure firewall rules to restrict access to Zabbix web port (default 80/443)
🧯 If You Can't Patch
- Implement strict Content Security Policy (CSP) headers to limit JavaScript execution
- Monitor Zabbix web server logs for suspicious JavaScript execution patterns
🔍 How to Verify
Check if Vulnerable:
Check Zabbix version via web interface (Administration → General → About) or command line: zabbix_server --version
Check Version:
zabbix_server --version | grep 'Zabbix'
Verify Fix Applied:
Verify version is 7.0.0beta3 or later and test atob function behavior in browser console
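The following POSIX shell script is an added example, not part of this advisory and not Zabbix's own tooling. It turns the version check above into a repeatable test: it pulls the version token out of the zabbix_server --version banner and compares it against 7.0.0beta3, ordering alpha < beta < rc < final release so that 7.0.0beta2 is reported as affected while 7.0.0rc1, 7.0.0 and 7.0.1 are reported as fixed. The banner layout "zabbix_server (Zabbix) <version>" is an assumption about the command's first output line, and the sample banner is constructed.

```shell
#!/bin/sh
# Added example: compare a Zabbix version against the first fixed release
# for CVE-2024-36463 (7.0.0beta3). Not Zabbix's own code.

FIXED_VERSION=7.0.0beta3

# Extract the first token that looks like a version (e.g. "7.0.0beta3") from
# the line of `zabbix_server --version` output that mentions Zabbix.
# Assumption: that line reads "zabbix_server (Zabbix) <version>".
zabbix_version_from_banner() {
    printf '%s\n' "$1" | awk '/Zabbix/ {
        for (i = 1; i <= NF; i++)
            if ($i ~ /^[0-9]+\.[0-9]+/) { print $i; exit }
    }'
}

# Turn "7.0.0beta3" into the sortable key "7 0 0 1 3":
# major minor patch stage num, with stage alpha=0, beta=1, rc=2, release=3.
version_key() {
    ver=$1
    nums=$(printf '%s\n' "$ver" | sed 's/[^0-9.].*//; s/\./ /g')
    tag=$(printf '%s\n' "$ver" | sed 's/^[0-9.]*//')
    stage=$(printf '%s\n' "$tag" | sed 's/[0-9]*$//')
    num=$(printf '%s\n' "$tag" | sed 's/^[A-Za-z]*//')
    set -- $nums
    case "$stage" in
        alpha) s=0 ;;
        beta)  s=1 ;;
        rc)    s=2 ;;
        "")    s=3 ;;
        *)     s=-1 ;;   # unknown pre-release tag: rank it below everything known
    esac
    printf '%s %s %s %s %s\n' "${1:-0}" "${2:-0}" "${3:-0}" "$s" "${num:-0}"
}

# Exit status 0 when version $1 sorts strictly before version $2.
version_lt() {
    a=$(version_key "$1")
    b=$(version_key "$2")
    set -- $a
    for bv in $b; do
        av=$1
        shift
        if [ "$av" -lt "$bv" ]; then return 0; fi
        if [ "$av" -gt "$bv" ]; then return 1; fi
    done
    return 1   # equal
}

# Exit status 0 when the version predates the fixed release.
is_vulnerable_version() {
    version_lt "$1" "$FIXED_VERSION"
}

# Print a verdict for one banner (the whole --version output or its first line).
report() {
    v=$(zabbix_version_from_banner "$1")
    if [ -z "$v" ]; then
        printf 'could not parse a Zabbix version from: %s\n' "$1"
    elif is_vulnerable_version "$v"; then
        printf '%s: older than %s, affected by CVE-2024-36463\n' "$v" "$FIXED_VERSION"
    else
        printf '%s: %s or later, fixed\n' "$v" "$FIXED_VERSION"
    fi
}

# Constructed sample banner; on a live host use "$(zabbix_server --version)" instead.
SAMPLE_BANNER='zabbix_server (Zabbix) 7.0.0beta2'
report "$SAMPLE_BANNER"
```

Because the comparison is purely string based, the script can also be run offline against banners collected from many hosts, which is convenient when building an inventory of what still needs the 7.0.0beta3 upgrade.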
📡 Detection & Monitoring
Log Indicators:
- Unusual JavaScript errors in browser console
- Suspicious atob function calls in web server logs
Network Indicators:
- Unusual JavaScript payloads in HTTP requests to Zabbix web interface
SIEM Query:
source="zabbix-web" AND (atob OR base64decode) AND status=200