{"id":"CVE-2020-11800","details":"Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.","modified":"2026-03-15T22:32:25.216953Z","published":"2020-10-07T16:15:15.343Z","related":["openSUSE-SU-2020:1604-1"],"references":[{"type":"ADVISORY","url":"https://support.zabbix.com/browse/ZBX-17600"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00007.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00039.html"},{"type":"ADVISORY","url":"https://support.zabbix.com/browse/DEV-1538"},{"type":"REPORT","url":"https://support.zabbix.com/browse/ZBXSEC-30"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-11800.json","unresolved_ranges":[{"events":[{"introduced":"2.2.0"},{"fixed":"3.0.31"}]},{"events":[{"introduced":"0"},{"last_affected":"3.2.0-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0-sp1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0-sp2"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.2"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"3.0.x"},{"fixed":"3.0.31"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}