Zabbix
Zabbix is an enterprise monitoring platform with agents deployed on every monitored host. A compromised Zabbix server is a surveillance window into the entire monitored fleet. NVD tracks it as zabbix:zabbix with dotted version strings (5.x, 6.x, 7.x).
api usage
Querying Zabbix
product slug: zabbix
version format: 6.0.0, 5.4.0, 7.0.0

```bash
curl "https://api.attestd.io/v1/check?product=zabbix&version=6.0.0" \
  -H "Authorization: Bearer $ATTESTD_KEY"
```

Zabbix 6.0.0 is affected by CVE-2022-23134 (authentication bypass in the setup wizard, CISA KEV). The aggregated response expects risk_state: "critical" with actively_exploited: true.
```json
{
  "product": "zabbix",
  "version": "6.0.0",
  "supported": true,
  "risk_state": "critical",
  "risk_factors": [
    "authentication_bypass",
    "no_authentication_required",
    "actively_exploited",
    "patch_available"
  ],
  "actively_exploited": true,
  "remote_exploitable": true,
  "authentication_required": false,
  "patch_available": true,
  "fixed_version": "6.0.4",
  "confidence": 0.93,
  "cve_ids": ["CVE-2022-23134"],
  "last_updated": "2026-05-27T00:00:00Z"
}
```

safe version
Zabbix 7.2.0 is used as a patched-line example; confirm with live /v1/check after ingestion.
```bash
curl "https://api.attestd.io/v1/check?product=zabbix&version=7.2.0" \
  -H "Authorization: Bearer $ATTESTD_KEY"
```

notable cves
CVE history
Zabbix CVE history spans authentication bypass in the setup wizard, SQL injection in monitoring APIs, stored XSS in dashboard widgets, and remote code execution via agent communication protocols.
| CVE | Description | Affects | CVSS |
|---|---|---|---|
| CVE-2022-23134 | Authentication bypass in Zabbix setup wizard allowing unauthenticated access to configuration and monitored host data. CISA KEV. | 5.4.0 to 6.0.3 | 9.8 |
| CVE-2022-23131 | Authentication bypass via SAML SSO configuration allowing unauthenticated admin access. | 5.4.0 to 6.0.3 | 9.8 |
| CVE-2024-22120 | Sensitive information disclosure via Zabbix agent communication allowing credential exposure. | see NVD | 7.5 |
| CVE-2023-32721 | SQL injection in Zabbix server API endpoints allowing database query manipulation. | see NVD | 8.8 |
| CVE-2021-27927 | Stored cross-site scripting in Zabbix dashboard widgets via crafted item names. | before 5.4.9 | 6.1 |
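
A deployment gate built on the /v1/check response fields shown above, as an added example that is not part of the original page or the attestd project. The blocking policy, the `evaluate` and `parse_version` names, and the fail-closed handling of incomplete responses are assumptions; the sample input is the page's Zabbix 6.0.0 response trimmed to the fields used.

```python
import json

# Sample response taken from the page's Zabbix 6.0.0 example, trimmed to the fields used.
SAMPLE = json.loads("""{
  "product": "zabbix", "version": "6.0.0", "supported": true,
  "risk_state": "critical", "actively_exploited": true,
  "remote_exploitable": true, "authentication_required": false,
  "patch_available": true, "fixed_version": "6.0.4",
  "cve_ids": ["CVE-2022-23134"]
}""")

# Fields the gate refuses to guess at; a response without them is not "safe".
REQUIRED = ("version", "supported", "risk_state", "actively_exploited",
            "remote_exploitable", "authentication_required")

def parse_version(text):
    """Turn a purely numeric dotted version such as 6.0.4 into (6, 0, 4)."""
    return tuple(int(part) for part in text.split("."))

def evaluate(resp):
    """Return (allow, reasons). Hypothetical policy that fails closed."""
    missing = [k for k in REQUIRED if k not in resp]
    if missing:
        return False, ["incomplete response, missing: " + ", ".join(missing)]
    if not resp["supported"]:
        return False, ["product/version not supported, risk unknown"]
    reasons = []
    cves = ", ".join(resp.get("cve_ids", [])) or "no CVE ids listed"
    if resp["risk_state"] == "critical":
        reasons.append("risk_state is critical (" + cves + ")")
    if resp["actively_exploited"]:
        reasons.append("actively exploited")
    if resp["remote_exploitable"] and not resp["authentication_required"]:
        reasons.append("remotely exploitable without authentication")
    fixed = resp.get("fixed_version")
    # Only suggest the upgrade when the checked version is below the fix.
    if reasons and fixed and parse_version(resp["version"]) < parse_version(fixed):
        reasons.append("upgrade to " + fixed + " or later")
    return (not reasons), reasons

if __name__ == "__main__":
    allow, why = evaluate(SAMPLE)
    print("ALLOW" if allow else "BLOCK")
    for line in why:
        print(" -", line)
```

In a pipeline, the parsed JSON body of the curl call replaces `SAMPLE`, and a `False` result fails the job.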