Zabbix remote code execution vulnerability
Description
Zabbix before 4.2 allows User Enumeration. It is possible to enumerate application username based on different server responses (Login name or password is incorrect, Account is blocked for N seconds, No permissions for system access) using the requests to login.
Affected Applications
Zabbix Agent