{"id":"CVE-2019-17382","details":"An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.","modified":"2026-03-14T09:32:12.938134Z","published":"2019-10-09T14:15:12.817Z","references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/47467"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.4"}]},{"events":[{"introduced":"0"},{"last_affected":"4.4."}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-17382.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}