Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Zabbix | Zabbix | unaffected |
|
Configuration 1 [-]
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 Debian DLA |
DLA-4131-1 | zabbix security update |
 EUVD |
EUVD-2024-54348 | Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one. |
Mon, 03 Nov 2025 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Wed, 08 Oct 2025 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Zabbix
Zabbix zabbix |
|
| CPEs | cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Zabbix
Zabbix zabbix |
|
| Metrics |
cvssV3_1
|
Wed, 02 Apr 2025 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 02 Apr 2025 06:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one. | |
| Title | User enumeration via timing attack in Zabbix web interface | |
| Weaknesses | CWE-208 | |
| References |
| |
| Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: Zabbix
Published:
Updated: 2025-11-03T19:30:06.293Z
Reserved: 2024-05-28T11:21:24.947Z
Link: CVE-2024-36469
Vulnrichment
Updated: 2025-04-02T15:01:06.078Z
NVD
Status : Modified
Published: 2025-04-02T07:15:40.147
Modified: 2025-11-03T20:16:14.830
Link: CVE-2024-36469
Redhat
No data.
OpenCVE Enrichment
No data.