ID:10517 - Exploit for Improper Authentication in Zabbix - CVE-2022-23131

 

Published: September 20, 2024


Vulnerability identifier: #VU60811
Vulnerability risk: High
CVE-ID: CVE-2022-23131
CWE-ID: CWE-287
Exploitation vector: Remote access
Vulnerable software:
Zabbix

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to bypass the SAML authentication process.

The vulnerability exists due to unsafe usage of session data stored in local storage when using SAML SSO authentication. A remote attacker with knowledge of a valid username can bypass SAML SSO authentication and gain administrative access to the Zabbix Frontend.

Successful exploitation of the vulnerability requires that SAML SSO authentication be enabled (it is disabled by default).


Remediation

Install updates from the vendor's website.