#VU60811 Improper Authentication in Zabbix - CVE-2022-23131

Published: February 23, 2022 / Updated: September 20, 2024


Vulnerability identifier: #VU60811
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2022-23131
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability: The vulnerability is being exploited in the wild
Vulnerable software: Zabbix
Software vendor: Zabbix

Description

The vulnerability allows a remote attacker to bypass the SAML authentication process.

The vulnerability exists due to unsafe use of session data stored in local storage when SAML SSO authentication is in use. A remote attacker who knows a valid username can bypass SAML SSO authentication and gain administrative access to the Zabbix Frontend.

Successful exploitation of the vulnerability requires that SAML SSO authentication be enabled (it is disabled by default).
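The root cause named above, session state kept on the client and used without an integrity check, as an added illustration that is not Zabbix's own code: the cookie layout, field names and secret are constructed for the example, and the hardened form binds the serialised state to an HMAC that only the server can produce, so altered or unsigned state is rejected before it influences authentication.

```python
# Added illustration, not Zabbix's code: the weak pattern trusts session state
# presented by the client; the hardened pattern verifies an HMAC tag first.
# Cookie layout, field names and the secret are constructed for this example.
import base64
import hashlib
import hmac
import json

SERVER_SECRET = b"constructed-server-only-secret"  # must never reach the client


def encode_unsigned(session: dict) -> str:
    """Weak pattern: serialise session state to the client with no integrity tag."""
    return base64.b64encode(json.dumps(session, sort_keys=True).encode()).decode()


def decode_unsigned(cookie: str) -> dict:
    """Weak pattern: whatever the client presents is accepted as the session."""
    return json.loads(base64.b64decode(cookie))


def encode_signed(session: dict, secret: bytes = SERVER_SECRET) -> str:
    """Hardened pattern: the serialised state is bound to an HMAC under a server key."""
    payload = json.dumps(session, sort_keys=True)
    tag = hmac.new(secret, payload.encode(), hashlib.sha256).hexdigest()
    wrapper = json.dumps({"payload": payload, "sign": tag})
    return base64.b64encode(wrapper.encode()).decode()


def decode_signed(cookie: str, secret: bytes = SERVER_SECRET):
    """Return the session only when the tag verifies; None for missing or bad tags."""
    try:
        wrapper = json.loads(base64.b64decode(cookie))
        payload, tag = wrapper["payload"], wrapper["sign"]
        expected = hmac.new(secret, payload.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return None  # payload altered, or signed under a different key
        return json.loads(payload)
    except (KeyError, TypeError, ValueError):
        return None  # not a signed cookie at all (e.g. the unsigned legacy form)


def swap_payload_keep_tag(cookie: str, session: dict) -> str:
    """Constructed regression check: new payload under the old tag must not verify."""
    wrapper = json.loads(base64.b64decode(cookie))
    wrapper["payload"] = json.dumps(session, sort_keys=True)
    return base64.b64encode(json.dumps(wrapper).encode()).decode()
```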


Remediation

Install updates from the vendor's website.

External links