Ad Widget

Collapse

CVE-2025-14847

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • mouchyn
    Junior Member
    • Apr 2021
    • 9
    #1

    CVE-2025-14847

    Our IT Security team says all of our zabbix-agent2 instances are vulnerable to CVE-2025-14847. Can anyone positively confirm or deny that? Should we assign resources to patch all deployed zabbix agents outside of our normal patch cycle?

    Thanks!
    Tags: None
    • PavelZ
      Senior Member
      • Dec 2024
      • 162
      #2
      Do you usually install the package zabbix-agent2-plugin-mongodb plugin?
      Try uninstalling it and asking them again.

        Comment

        • mouchyn
          Junior Member
          • Apr 2021
          • 9
          #3
          Yep, that was it. Thanks! All of our RHEL systems have this installed, presumably because of zabbix agent defaults:

          # yum list installed | grep zabbix
          zabbix-agent2.x86_64 7.0.22-release1.el9 zabbix
          zabbix-agent2-plugin-mongodb.x86_64 7.0.22-release1.el9 zabbix
          zabbix-agent2-plugin-mssql.x86_64 7.0.22-release1.el9 zabbix
          zabbix-agent2-plugin-postgresql.x86_64 7.0.22-release1.el9 zabbix
          zabbix-get.x86_64 7.0.22-release1.el9 zabbix
          zabbix-release.noarch 7.0-5.el9 zabbix
          zabbix-sender.x86_64 7.0.22-release1.el9 zabbix

          They used the fleet inventory system to query for installed software that includes "mongodb" and NOT $known-good-version-number. I pointed out how the report is a false positive and we're all good.

            Comment

            Previous template Next
            Working...