Fedora EPEL 7 update for zabbix50
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2022-23132 CVE-2022-23133 CVE-2022-23134 CVE-2022-23131 |
| CWE-ID | CWE-264 CWE-79 CWE-284 CWE-287 |
| Exploitation vector | Network |
| Public exploit |
Vulnerability #3 is being exploited in the wild. Vulnerability #4 is being exploited in the wild. |
| Vulnerable software |
Fedora Operating systems & Components / Operating system zabbix50 Operating systems & Components / Operating system package or component |
| Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU60812
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-23132
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to during Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix]
folder. In this case, Zabbix Proxy or Server processes can bypass file
read, write and execute permissions check on the file system level.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 7
zabbix50: before 5.0.19-1.el7
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-c99f63fce9
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Stored cross-site scripting
EUVDB-ID: #VU60814
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-23133
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when processing host groups. A remote user can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 7
zabbix50: before 5.0.19-1.el7
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-c99f63fce9
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper access control
EUVDB-ID: #VU60815
Risk: Medium
CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A/U:Green]
CVE-ID: CVE-2022-23134
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions to certain steps of setup.php file. A remote non-authenticated attacker can bypass implemented security restrictions and change the configuration of Zabbix Frontend.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 7
zabbix50: before 5.0.19-1.el7
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-c99f63fce9
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
4) Improper Authentication
EUVDB-ID: #VU60811
Risk: High
CVSSv4.0: 9.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]
CVE-ID: CVE-2022-23131
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to bypass SAML authentication process.
The vulnerability exists due to unsafe usage of session data stored in local storage when using SAML SSO authentication. A remote attacker with knowledge of a valid username can bypass SAML SSO authentication and gain administrative access to Zabbix Frontend.
Successful exploitation of the vulnerability requires that the SAML SSO authentication is enabled (disabled by default).
Install updates from vendor's repository.
Vulnerable software versionsFedora: 7
zabbix50: before 5.0.19-1.el7
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-c99f63fce9
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
