This template monitors active security advisories and CVEs in the Zabbix environment. It captures the latest security advisories and CVE information to generate the same view in Zabbix, ensuring continuous monitoring and integration. Date: 2024-07-18

higorcamposs/zabbix-security-advisories-cve-database

Zabbix Security Advisories and CVE database


📢 If you have any considerations, suggestions, or questions, feel free to contact me! I am available to help.


This template monitors the security advisories and CVE database published by Zabbix.

It captures the latest security advisories and CVE information to generate the same view in Zabbix, ensuring continuous monitoring and integration.

Template Contents

  • 1 Macro
  • 1 Item
  • 1 Discovery
    • 1 Item prototype
    • 1 Trigger prototype

Item

The item is of type "External Scripts". It runs the script getCve.py and passes the macro as its parameter:

getCve.py[{$ZBXVERSION}]

Examples:

  • If your version is LTS, enter: 6.0 lts
  • If it is not LTS, enter: 5.4

Script

This script fetches and parses the latest Zabbix security advisories and CVEs from the official website, filtering and formatting the data for integration with Zabbix.

It expects the Zabbix version as an input parameter, provided via the macro {$ZBXVERSION}.

The output is formatted in JSON, with macros ready for use in Zabbix.

Ensure that the required libraries are installed. You can install BeautifulSoup using:

pip3 install bs4

Discovery

The discovery is of the dependent type, with the master item being the script's result. It contains an override to create triggers according to the received severity.

Severity Overrides

  • Critical: Severity set to Disaster.
  • High: Severity set to High.
  • Medium: Severity set to Average.
  • Low: Severity set to Warning.
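
The flow described under "Script" and "Severity Overrides" can be sketched as follows. This is an added example, not the repository's getCve.py: the advisory record shape, the "low - high" affected-range format, and the LLD macro names ({#CVE}, {#CVSS}, {#SEVERITY}, {#ZBXSEVERITY}, {#SYNOPSIS}) are assumptions, and the sample rows are constructed. It filters advisories by the {$ZBXVERSION} value and rejects severity labels outside the four documented levels before they reach the discovery rule.

```python
import json

# Advisory severity -> Zabbix trigger severity, from "Severity Overrides".
SEVERITY_TO_ZABBIX = {"Critical": "Disaster", "High": "High",
                      "Medium": "Average", "Low": "Warning"}

# Constructed sample rows, not real advisories; CVE ids are placeholders.
SAMPLE_ADVISORIES = [
    {"cve": "CVE-0000-0001", "cvss": 9.1, "severity": "Critical",
     "synopsis": "constructed example A", "affected": ["6.0.0 - 6.0.30", "7.0.0 - 7.0.1"]},
    {"cve": "CVE-0000-0002", "cvss": 5.4, "severity": "Medium",
     "synopsis": "constructed example B", "affected": ["5.0.0 - 5.0.42"]},
    {"cve": "CVE-0000-0003", "cvss": 3.3, "severity": "Low",
     "synopsis": "constructed example C", "affected": ["5.4.0 - 6.0.12"]},
]


def series_of(text):
    """'6.0 lts' -> (6, 0); '6.0.30' -> (6, 0). Only major.minor is compared."""
    parts = text.split()[0].split(".")[:2]
    return tuple(int(p) for p in parts)


def affects(advisory, series):
    """True if any 'low - high' range (assumed format) covers the release series."""
    for rng in advisory["affected"]:
        low, _, high = rng.partition(" - ")
        if series_of(low) <= series <= series_of(high or low):
            return True
    return False


def build_lld(advisories, zbx_version):
    """Return a JSON array of LLD rows (macro names are hypothetical)."""
    series = series_of(zbx_version)
    rows = []
    for adv in advisories:
        if not affects(adv, series):
            continue
        # Reject labels outside the four documented levels instead of passing them on.
        if adv["severity"] not in SEVERITY_TO_ZABBIX:
            raise ValueError("unexpected severity: %r" % adv["severity"])
        rows.append({"{#CVE}": adv["cve"], "{#CVSS}": str(adv["cvss"]),
                     "{#SEVERITY}": adv["severity"],
                     "{#ZBXSEVERITY}": SEVERITY_TO_ZABBIX[adv["severity"]],
                     "{#SYNOPSIS}": adv["synopsis"]})
    return json.dumps(rows)


if __name__ == "__main__":
    print(build_lld(SAMPLE_ADVISORIES, "6.0 lts"))
```
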

Severity Descriptions

  • Critical (Disaster): Vulnerabilities that could be easily exploited by a remote unauthenticated actor and lead to Zabbix compromise without requiring user interaction or allow remote unauthorized users to gain Super Admin privileges. Please install required updates or apply workarounds as soon as possible.

  • High (High): Vulnerabilities that can easily compromise the confidentiality, integrity, or availability of Zabbix components. These vulnerabilities allow local or authenticated users to gain additional privileges, allow remote unauthorized users to view information in Zabbix, or allow authenticated remote users to execute arbitrary code. Install required updates based on your maintenance window.

  • Medium (Average): Vulnerabilities that may be more difficult to exploit but could still lead to some compromise of the confidentiality, integrity, or availability of Zabbix under certain circumstances. Such vulnerabilities could have a Critical or High severity but are less easily exploited and/or affect unlikely configurations. Evaluate possible risks and install updates if required.

  • Low (Warning): Other vulnerabilities that may have a security impact. Such vulnerabilities require unlikely circumstances to be exploited, or their successful exploitation would have minimal consequences. Evaluate possible risks and install updates if required.

Item Prototype

The "Item prototype" carries the severity value.

Trigger Prototype

The "Trigger prototype" checks if the value is different from the status "Green".

  • Trigger Name: The trigger name includes the CVE number, CVSS score, synopsis, and Zabbix severity.
  • URL Link: Each trigger will have a link to the Zabbix Security Advisories page.
  • Description: The trigger description will include the detailed description of the CVE.
