Uncontrolled Resource Exhaustion in Zabbix Server Enables DoS
CVE-2024-45700 Published on April 2, 2025
DoS vulnerability due to uncontrolled resource exhaustion
Zabbix server is vulnerable to denial of service (DoS) through uncontrolled resource exhaustion. An attacker can send specially crafted requests that cause the server to allocate an excessive amount of memory and perform CPU-intensive decompression operations, ultimately leading to a service crash.
Weakness Type
Allocation of Resources Without Limits or Throttling
The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
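The mitigation pattern for this weakness class, as an added example that is not Zabbix code and not the vendor's patch: a receiver that inflates peer-supplied zlib data in bounded steps and stops once a size limit is crossed. The limits, the `bounded_inflate` name and the `declared_size` parameter are assumptions chosen for illustration.

```python
import zlib

MAX_COMPRESSED = 64 * 1024       # assumed cap on bytes accepted from the peer
MAX_DECOMPRESSED = 1024 * 1024   # assumed cap on bytes produced by inflation
CHUNK = 16 * 1024                # output produced per step


class LimitExceeded(Exception):
    """Raised when a payload would exceed a configured resource limit."""


def bounded_inflate(payload, declared_size=None):
    """Inflate a zlib stream while enforcing limits on input and output size.

    declared_size is a hypothetical length field sent by the peer.
    """
    if len(payload) > MAX_COMPRESSED:
        raise LimitExceeded("compressed payload too large")
    # A peer-supplied length is checked before it can influence any allocation.
    if declared_size is not None and not 0 <= declared_size <= MAX_DECOMPRESSED:
        raise LimitExceeded("declared size outside allowed range")

    inflater = zlib.decompressobj()
    out = bytearray()
    data = payload
    while not inflater.eof:
        # max_length bounds the output of this call; input that was not
        # processed yet is kept in unconsumed_tail for the next step.
        chunk = inflater.decompress(data, CHUNK)
        out += chunk
        if len(out) > MAX_DECOMPRESSED:
            raise LimitExceeded("decompressed output exceeds limit")
        data = inflater.unconsumed_tail
        if not chunk and not data:
            raise ValueError("truncated stream")
    if declared_size is not None and len(out) != declared_size:
        raise ValueError("declared size does not match actual size")
    return bytes(out)


if __name__ == "__main__":
    # Constructed sample: 8 MiB of zeros compresses to a few KiB.
    sample = zlib.compress(b"\0" * (8 * 1024 * 1024))
    try:
        bounded_inflate(sample)
    except LimitExceeded as exc:
        print(f"rejected {len(sample)}-byte payload: {exc}")
```

Because the size check runs after every step, a rejected payload costs at most `MAX_DECOMPRESSED + CHUNK` bytes of output buffer before the limit is detected, regardless of how far the stream would expand.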
Products Associated with CVE-2024-45700
Affected Versions
Zabbix:
- Version 6.0.0, <= 6.0.38 is affected.
- Version 7.0.0, <= 7.0.9 is affected.
- Version 7.2.0, <= 7.2.3 is affected.
- Version 7.4.0alpha1 is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.