Zabbix 2.0.8 SQL injection
Description
Zabbix version 2.0.8 contains an SQL injection vulnerability in its API and frontend components that allows unauthenticated attackers to inject malicious SQL commands into database queries. This vulnerability exists due to insufficient input validation and sanitization, enabling attackers to manipulate SQL statements executed by the application's database server.
Remediation
Immediately upgrade Zabbix to version 2.2.0 or later, which addresses this SQL injection vulnerability (reference ZBX-7091). Follow these steps to remediate:

1. Backup your system: Create a complete backup of your Zabbix database and configuration files before proceeding.
2. Review the upgrade documentation: Consult the official Zabbix upgrade guide for version-specific migration requirements.
3. Perform the upgrade: Follow the official upgrade procedure for your installation method (package manager, source, or Docker).
4. Verify the upgrade: Confirm the new version is running and all functionality is operational.
5. Review access logs: Examine database and application logs for any suspicious activity that may indicate prior exploitation.

As a temporary mitigation if immediate patching is not possible, restrict network access to the Zabbix web interface using firewall rules or web application firewall (WAF) policies to limit exposure to trusted IP addresses only.
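The following script is an added example for the verification and log-review steps above; it is not Zabbix's own code. It queries the unauthenticated JSON-RPC method apiinfo.version on a frontend URL you supply and compares the reported version against 2.2.0, and it scans web-server access-log lines for the Zabbix frontend that carry common SQL injection indicators. The frontend URL, the log lines and the URL prefix are constructed for the example; the indicator patterns are generic SQL injection signatures, not the specific payload of ZBX-7091, which this advisory does not describe.

```python
"""Post-upgrade checks for the Zabbix 2.0.8 SQL injection advisory (ZBX-7091).

Added example, not Zabbix project code. Two helpers:
  * check_version(): calls the Zabbix JSON-RPC method apiinfo.version (no
    authentication needed) and reports whether the running version is at or
    above 2.2.0, the first release the advisory names as fixed.
  * scan_access_log(): flags access-log lines for the Zabbix frontend that
    contain generic SQL injection indicators, as leads for investigation.
"""
import json
import re
import urllib.request
from urllib.parse import unquote_plus

FIXED_VERSION = (2, 2, 0)  # from the advisory: 2.2.0 or later


def parse_version(text):
    """Turn '2.0.8' or '2.2.0rc1' into a comparable tuple of ints."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError("unrecognised version string: %r" % text)
    return tuple(int(n) for n in m.groups())


def is_fixed_version(text):
    """True if the version string is 2.2.0 or newer."""
    return parse_version(text) >= FIXED_VERSION


def version_from_apiinfo(response_body):
    """Extract the version string from an apiinfo.version JSON-RPC reply."""
    reply = json.loads(response_body)
    if "error" in reply:
        raise RuntimeError("Zabbix API error: %s" % reply["error"])
    return reply["result"]


def check_version(frontend_url, timeout=10):
    """POST apiinfo.version to <frontend_url>/api_jsonrpc.php; return (version, fixed?)."""
    payload = json.dumps({"jsonrpc": "2.0", "method": "apiinfo.version",
                          "params": {}, "id": 1}).encode()
    req = urllib.request.Request(frontend_url.rstrip("/") + "/api_jsonrpc.php",
                                 data=payload,
                                 headers={"Content-Type": "application/json-rpc"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        version = version_from_apiinfo(resp.read().decode())
    return version, is_fixed_version(version)


# Generic SQL injection indicators applied to the URL-decoded request path.
# Hits are leads for investigation, not proof of exploitation.
SQLI_PATTERNS = [
    re.compile(r"union\s+(all\s+)?select", re.I),
    re.compile(r"['\"]\s*(or|and)\s+[\w'\"]+\s*=\s*[\w'\"]+", re.I),
    re.compile(r"\b(sleep|benchmark|pg_sleep)\s*\(", re.I),
    re.compile(r"(--|/\*)\s*$"),          # trailing comment truncating a query
    re.compile(r"information_schema", re.I),
]

# Common Log Format: client, ident, user, [timestamp], "METHOD path proto", status
LOG_LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                      r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')


def scan_access_log(lines, zabbix_prefix="/zabbix/"):
    """Return (client_ip, raw_path, pattern) for each suspicious Zabbix request."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m or not m.group("path").startswith(zabbix_prefix):
            continue  # unparseable, or not aimed at the Zabbix frontend
        decoded = unquote_plus(m.group("path"))
        for pat in SQLI_PATTERNS:
            if pat.search(decoded):
                hits.append((m.group("ip"), m.group("path"), pat.pattern))
                break
    return hits


# Constructed sample log lines (not real traffic); generic paths, not ZBX-7091.
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Sep/2013:10:01:02 +0000] "GET /zabbix/dashboard.php HTTP/1.1" 200 5120',
    '10.0.0.9 - - [12/Sep/2013:10:01:07 +0000] "GET /zabbix/example.php?id=1%27%20UNION%20SELECT%201,2-- HTTP/1.1" 200 7340',
    '10.0.0.9 - - [12/Sep/2013:10:01:09 +0000] "GET /zabbix/example.php?id=1%20AND%20SLEEP(5) HTTP/1.1" 200 2210',
    '10.0.0.7 - - [12/Sep/2013:10:02:00 +0000] "GET /other/app.php?q=1%20UNION%20SELECT%201 HTTP/1.1" 404 310',
]

if __name__ == "__main__":
    for ip, path, pat in scan_access_log(SAMPLE_LOG):
        print("suspicious request from %s: %s (matched %s)" % (ip, path, pat))
    # Live check against a constructed URL; replace with your frontend address.
    # print(check_version("http://zabbix.example.internal/zabbix"))
```

Run it against your real access log with `scan_access_log(open("/var/log/apache2/access.log"))` and adjust `zabbix_prefix` to the path your frontend is served under; a version reported below 2.2.0 after the upgrade means the old frontend is still being served somewhere and step 3 needs repeating.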