From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability ID: CVE-2024-22123 2. Vulnerability Type: Security (Defect) 3. Priority: Minor 4. Affected Versions: 5.0.42, 6.0.30, 6.4.15, 7.0.0rc2 5. Component: Server 6. Description: - Mitre ID: CVE-2024-22123 - CVSS Score: 2.7 - CVSS Vector: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N - Severity: Low - Summary: Zabbix Arbitrary File Read - Description: Setting SMS media allows setting the GSM modem file. Later, this file is used as the modem. However, since everything is file-based, on Linux, another file can be set—e.g., will attempt to communicate with it. As a result, logs are corrupted, AT commands are broken, and part of the log file content is leaked. 7. Vulnerability Classification: - CWE: CWE-94 Improper Control of Generation of Code ('Code Injection') - CAPEC: CAPEC-253 Remote Code Injection 8. Known Attack Vectors: - Impact is very low; it is possible to corrupt Zabbix log files and read Zabbix logs (without controlling which part). Additionally, on the Zabbix server, for users with higher privileges, some Denial of Service (DoS) attacks may be possible. 9. Fix Status: - Fixed Versions: 5.0.43rc1, 6.0.31rc1, 6.4.16rc1, 7.0.0rc3 - Compatibility: None 10. Reporter: Melnikovs 11. Update Time: Yesterday 18:12 12. Resolution Time: Yesterday 16:21 This information helps understand the vulnerability's details, scope of impact, and remediation status.