{"id":"CVE-2024-36469","details":"Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one.","modified":"2026-05-31T00:53:44.602906Z","published":"2025-04-02T07:15:40.147Z","related":["SUSE-SU-2026:0483-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_RANGE","extracted_events":[{"introduced":"5.0.0"},{"fixed":"5.0.46"},{"introduced":"7.2.0"},{"fixed":"7.2.3"}],"cpes":["cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*"],"vendor_product":"zabbix:zabbix"}]},"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00027.html"},{"type":"ADVISORY","url":"https://support.zabbix.com/browse/ZBX-26255"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/zabbix/zabbix","events":[{"introduced":"5203d2ea7d901cd33d148f20586e2155901a7faa"},{"fixed":"9bdb1c8ab4ee57c7f55ca648eab6b6d7df816e70"},{"introduced":"49955f1fb5c9168a8a24b053f7ade6b3d903143c"},{"fixed":"05b8b05eefe2352580b4069745ca76fc5d82892d"}],"database_specific":{"cpe":"cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"6.0.0"},{"fixed":"6.0.38"},{"introduced":"7.0.0"},{"fixed":"7.0.9"}],"source":"CPE_RANGE"}}],"versions":["7.0.9rc2","6.0.38rc1","7.0.9rc1","7.0.8","7.0.8rc2","7.0.8rc1","7.0.7","7.0.7rc1","7.0.6","7.0.6rc1","6.0.37","6.0.37rc1","6.0.36","6.0.36rc1","6.0.35","7.0.5","6.0.35rc1","7.0.5rc1","6.0.34","6.0.34rc2","7.0.4","7.0.4rc1","6.0.34rc1","7.0.3","6.0.33rc1","6.0.33","7.0.3rc1","7.0.2","7.0.2rc2","7.0.2rc1","7.0.1","7.0.1rc2","6.0.32","7.0.1rc1","6.0.32rc1","6.0.31","6.0.31rc1","7.0.0","6.0.30","6.0.30rc1","6.0.29","6.0.29rc1","6.0.28","6.0.28rc1","6.0.27rc1","6.0.27","6.0.26","6.0.26rc1","6.0.25","6.0.25rc1","6.0.23","6.0.23rc1","6.0.22","6.0.22rc1","6.0.21","6.0.21rc1","6.0.20","6.0.20rc1","6.0.19","6.0.19rc1","6.0.18rc1","6.0.18","6.0.17","6.0.17rc2","6.0.17rc1","6.0.16","6.0.16rc1","6.0.15","6.0.15rc2","6.0.15rc1","6.0.14","6.0.14rc2","6.0.14rc1","6.0.13","6.0.13rc1","6.0.12","6.0.12rc2","6.0.12rc1","6.0.11","6.0.11rc2","6.0.11rc1","6.0.10rc1","6.0.10","6.0.10rc2","6.0.9","6.0.9rc2","6.0.9rc1","6.0.8","6.0.8rc2","6.0.8rc1","6.0.7","6.0.1","6.0.7rc1","6.0.6","6.0.6rc1","6.0.5","6.0.5rc1","6.0.4","6.0.4rc1","6.0.3","6.0.3rc1","6.0.2","6.0.2rc1","6.0.1rc4","6.0.1rc3","6.0.1rc2","6.0.1rc1","6.0.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36469.json","vanir_signatures_modified":"2026-05-31T00:53:44Z","vanir_signatures":[{"source":"https://github.com/zabbix/zabbix/commit/9bdb1c8ab4ee57c7f55ca648eab6b6d7df816e70","signature_type":"Line","id":"CVE-2024-36469-5ffc5e1c","digest":{"threshold":0.9,"line_hashes":["218241790889613263749723829365647413119","181211334055724909065451947901015648800","320688095896390955845391058003752071442","165613317246864125185046043417674714883","198922002892273503669281031937770881780","335617424418717674993696013793490182228"]},"target":{"file":"src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java"},"signature_version":"v1","deprecated":false},{"source":"https://github.com/zabbix/zabbix/commit/05b8b05eefe2352580b4069745ca76fc5d82892d","signature_type":"Line","id":"CVE-2024-36469-e7849cba","digest":{"threshold":0.9,"line_hashes":["190464864599865299809012152270943701561","328906449186832088297660514526265364375","286129909832987403477167540569786564614","235869184425772621204330450374322454505","79306967847642363028463673720861047964","65107104445716602189932657718574404755"]},"target":{"file":"src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java"},"signature_version":"v1","deprecated":false}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}