CVE-2022-23131

Name: CVE-2022-23131
Description: In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. A malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to the Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of a Zabbix user (or use the guest account, which is disabled by default).
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severity: medium

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package | Release            | Version                  | Status
zabbix (PTS)   | stretch            | 1:3.0.7+dfsg-3           | undetermined
               | stretch (security) | 1:3.0.32+dfsg-0+deb9u1   | undetermined
               | buster             | 1:4.0.4+dfsg-1           | undetermined
               | bullseye           | 1:5.0.8+dfsg-1           | undetermined
               | bookworm, sid      | 1:5.0.17+dfsg-1          | undetermined

The information below is based on the following data on fixed versions.

Package | Type   | Release    | Fixed Version | Urgency | Origin | Debian Bugs
zabbix  | source | (unstable) | undetermined  |         |        |

Notes

https://support.zabbix.com/browse/ZBX-20350
Check: possibly only affecting 5.4.0 onwards.
