A bug in the code allows an attacker to sign a forged zbx_session cookie, which then allows them to sign in with admin permissions.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-agent" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-agent-dbgsym" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-agent2" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-agent2-dbgsym" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-frontend-php" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-java-gateway" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-proxy-mysql" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-proxy-mysql-dbgsym" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-proxy-pgsql" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-proxy-pgsql-dbgsym" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-proxy-sqlite3" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-proxy-sqlite3-dbgsym" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-sender" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-sender-dbgsym" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-server-mysql" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-server-mysql-dbgsym" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-server-pgsql" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-server-pgsql-dbgsym" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-web-service" }, { "binary_version": "1:7.0.2+dfsg-1", "binary_name": "zabbix-web-service-dbgsym" } ] }