SB2022022306 - Multiple vulnerabilities in Zabbix
Published: February 23, 2022 Updated: September 20, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Stored cross-site scripting (CVE-ID: CVE-2022-23133)
The disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when processing host groups. A remote user can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-23132)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to during Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix]
folder. In this case, Zabbix Proxy or Server processes can bypass file
read, write and execute permissions check on the file system level.
3) Improper Authentication (CVE-ID: CVE-2022-23131)
The vulnerability allows a remote attacker to bypass SAML authentication process.
The vulnerability exists due to unsafe usage of session data stored in local storage when using SAML SSO authentication. A remote attacker with knowledge of a valid username can bypass SAML SSO authentication and gain administrative access to Zabbix Frontend.
Successful exploitation of the vulnerability requires that the SAML SSO authentication is enabled (disabled by default).
Remediation
Install update from vendor's website.
References
- https://support.zabbix.com/browse/ZBX-20388
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/
- https://support.zabbix.com/browse/ZBX-20341
- https://support.zabbix.com/browse/ZBX-20350