{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T07:36:04.329","vulnerabilities":[{"cve":{"id":"CVE-2024-36466","sourceIdentifier":"security@zabbix.com","published":"2024-11-28T08:15:05.290","lastModified":"2025-10-08T15:31:30.720","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A bug in the code allows an attacker to sign a forged zbx_session cookie, which then allows them to sign in with admin permissions."},{"lang":"es","value":"Un error en el código permite a un atacante firmar una cookie zbx_session falsificada, que luego le permite iniciar sesión con permisos de administrador."}],"metrics":{"cvssMetricV31":[{"source":"security@zabbix.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@zabbix.com","type":"Secondary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.0.32","matchCriteriaId":"57D9EFCF-3E94-49ED-9065-7F7BE0B35806"},{"vulnerable":true,"criteria":"cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"6.4.17","matchCriteriaId":"6A34604B-E82D-4928-BCF9-F726A020E43E"},{"vulnerable":true,"criteria":"cpe:2.3:a:zabbix:zabbix:7.0.0:-:*:*:*:*:*:*","matchCriteriaId":"754054C2-41C9-46A2-980C-29FBE5AAF604"}]}]}],"references":[{"url":"https://support.zabbix.com/browse/ZBX-25635","source":"security@zabbix.com","tags":["Vendor Advisory"]}]}}]}