CVE-2023-29449 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-29449 Interim 1 6 2025-02-16T02:16:21Z current 2023-07-13T23:16:37Z 2025-02-16T02:16:21Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-29449 JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server Teradata 12 SP3 SUSE Linux Enterprise Server Teradata 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 zabbix zabbix-agent zabbix as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 zabbix-agent as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS zabbix as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS zabbix-agent as a component of SUSE Linux Enterprise Server 12 SP4-LTSS zabbix as a component of SUSE Linux Enterprise Server 12 SP4-LTSS zabbix-agent as a component of SUSE Linux Enterprise Server 12 SP5 zabbix as a component of SUSE Linux Enterprise Server 12 SP5 zabbix as a component of SUSE Linux Enterprise Server Teradata 12 SP3 zabbix as a component of SUSE Linux Enterprise Server Teradata 12 SP3-LTSS zabbix-agent as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 zabbix as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 zabbix as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 zabbix-agent as a component of SUSE OpenStack Cloud 9 zabbix as a component of SUSE OpenStack Cloud 9 zabbix-agent as a component of SUSE OpenStack Cloud Crowbar 9 zabbix as a component of SUSE OpenStack Cloud Crowbar 9 JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access. CVE-2023-29449 SUSE Linux Enterprise High Performance Computing 12 SP5:zabbix SUSE Linux Enterprise Server 12 SP4-ESPOS:zabbix SUSE Linux Enterprise Server 12 SP4-ESPOS:zabbix-agent SUSE Linux Enterprise Server 12 SP4-LTSS:zabbix SUSE Linux Enterprise Server 12 SP4-LTSS:zabbix-agent SUSE Linux Enterprise Server 12 SP5:zabbix SUSE Linux Enterprise Server 12 SP5:zabbix-agent SUSE Linux Enterprise Server Teradata 12 SP3-LTSS:zabbix SUSE Linux Enterprise Server Teradata 12 SP3:zabbix SUSE Linux Enterprise Server for SAP Applications 12 SP4:zabbix SUSE Linux Enterprise Server for SAP Applications 12 SP4:zabbix-agent SUSE Linux Enterprise Server for SAP Applications 12 SP5:zabbix SUSE OpenStack Cloud 9:zabbix SUSE OpenStack Cloud 9:zabbix-agent SUSE OpenStack Cloud Crowbar 9:zabbix SUSE OpenStack Cloud Crowbar 9:zabbix-agent moderate 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H