All the vulnerabilites related to Zabbix - Frontend
cve-2023-29454
Vulnerability from cvelistv5
Published
2023-07-13 09:30
Modified
2024-10-21 21:10
Severity ?
EPSS score ?
Summary
Persistent XSS in the user form
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:07:46.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-22985"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29454",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T21:06:47.259753Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T21:10:04.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Frontend"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "4.0.46rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.0.45",
"status": "affected",
"version": "4.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "5.0.35rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.33",
"status": "affected",
"version": "5.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.0.18rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.16",
"status": "affected",
"version": "6.0.0",
"versionType": "git"
}
]
}
],
"datePublic": "2023-06-16T10:42:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": " Stored or persistent cross-site scripting (XSS) is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload (e.g., in a database or server-side text files), and finally, the application unintentionally executes the payload for every victim visiting its web pages."
}
],
"value": " Stored or persistent cross-site scripting (XSS) is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload (e.g., in a database or server-side text files), and finally, the application unintentionally executes the payload for every victim visiting its web pages."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T09:30:27.523Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-22985"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Persistent XSS in the user form",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-29454",
"datePublished": "2023-07-13T09:30:27.523Z",
"dateReserved": "2023-04-06T18:04:44.892Z",
"dateUpdated": "2024-10-21T21:10:04.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35229
Vulnerability from cvelistv5
Published
2022-07-06 11:05
Modified
2024-09-16 22:36
Severity ?
EPSS score ?
Summary
Reflected XSS in discovery page of Zabbix Frontend
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:29:17.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-21306"
},
{
"name": "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html"
},
{
"name": "[debian-lts-announce] 20230822 [SECURITY] [DLA 3538-1] zabbix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "4.0.0-4.0.42"
},
{
"status": "affected",
"version": "5.0.0-5.0.24"
},
{
"status": "affected",
"version": "6.0.0-6.0.4"
},
{
"status": "affected",
"version": "6.2alpha1-6.2beta3"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "internal research"
}
],
"datePublic": "2022-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-22T15:06:20.620530",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-21306"
},
{
"name": "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html"
},
{
"name": "[debian-lts-announce] 20230822 [SECURITY] [DLA 3538-1] zabbix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Reflected XSS in discovery page of Zabbix Frontend",
"workarounds": [
{
"lang": "en",
"value": "The vulnerability can be exploited only by authenticated users. If an immediate update is not possible, review user access rights to your Zabbix Frontend, be attentive to browser warnings and always check any links you can receive via email or other means of communication, which lead to the discoveryconf.php page of Zabbix Frontend and contain suspicious parameters with special symbols. If you have clicked on the suspicious link, do not fill out the opened form."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-35229",
"datePublished": "2022-07-06T11:05:12.493372Z",
"dateReserved": "2022-07-05T00:00:00",
"dateUpdated": "2024-09-16T22:36:46.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24918
Vulnerability from cvelistv5
Published
2022-03-09 19:30
Modified
2024-09-16 18:44
Severity ?
EPSS score ?
Summary
Reflected XSS in item configuration window of Zabbix Frontend
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.zabbix.com/browse/ZBX-20680 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:01.739Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-20680"
},
{
"name": "FEDORA-2022-5fab125c08",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/"
},
{
"name": "FEDORA-2022-d714c0d39c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/"
},
{
"name": "FEDORA-2022-19a9053f17",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "5.0.0-5.0.20"
},
{
"status": "affected",
"version": "5.4.0-5.4.10"
},
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "5.0.21rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "5.4.11rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "6.0.1rc1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "internal research"
}
],
"datePublic": "2022-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An authenticated user can create a link with reflected Javascript code inside it for items\u2019 page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-26T18:06:59",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.zabbix.com/browse/ZBX-20680"
},
{
"name": "FEDORA-2022-5fab125c08",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/"
},
{
"name": "FEDORA-2022-d714c0d39c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/"
},
{
"name": "FEDORA-2022-19a9053f17",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Reflected XSS in item configuration window of Zabbix Frontend",
"workarounds": [
{
"lang": "en",
"value": "No workaround"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "ZBV-2022-01-3",
"ASSIGNER": "security@zabbix.com",
"DATE_PUBLIC": "2022-02-01T08:05:00.000Z",
"ID": "CVE-2022-24918",
"STATE": "PUBLIC",
"TITLE": "Reflected XSS in item configuration window of Zabbix Frontend"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Frontend",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.0.0-5.0.20"
},
{
"version_affected": "=",
"version_value": "5.4.0-5.4.10"
},
{
"version_affected": "=",
"version_value": "6.0"
},
{
"version_affected": "!\u003e=",
"version_value": "5.0.21rc1"
},
{
"version_affected": "!\u003e=",
"version_value": "5.4.11rc1"
},
{
"version_affected": "!\u003e=",
"version_value": "6.0.1rc1"
}
]
}
}
]
},
"vendor_name": "Zabbix"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "internal research"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authenticated user can create a link with reflected Javascript code inside it for items\u2019 page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.zabbix.com/browse/ZBX-20680",
"refsource": "MISC",
"url": "https://support.zabbix.com/browse/ZBX-20680"
},
{
"name": "FEDORA-2022-5fab125c08",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/"
},
{
"name": "FEDORA-2022-d714c0d39c",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/"
},
{
"name": "FEDORA-2022-19a9053f17",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/"
}
]
},
"solution": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates"
}
],
"source": {
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "No workaround"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-24918",
"datePublished": "2022-03-09T19:30:29.711512Z",
"dateReserved": "2022-02-10T00:00:00",
"dateUpdated": "2024-09-16T18:44:15.093Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24917
Vulnerability from cvelistv5
Published
2022-03-09 19:30
Modified
2024-09-17 03:42
Severity ?
EPSS score ?
Summary
Reflected XSS in service configuration window of Zabbix Frontend
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:01.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-20680"
},
{
"name": "FEDORA-2022-5fab125c08",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/"
},
{
"name": "FEDORA-2022-d714c0d39c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/"
},
{
"name": "FEDORA-2022-19a9053f17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/"
},
{
"name": "[debian-lts-announce] 20220412 [SECURITY] [DLA 2980-1] zabbix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00011.html"
},
{
"name": "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "4.0.0-4.0.38"
},
{
"status": "affected",
"version": "5.0.0-5.0.20"
},
{
"status": "affected",
"version": "5.4.0-5.4.10"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.0.39rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "5.0.21rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "5.4.11rc1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "internal research"
}
],
"datePublic": "2022-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An authenticated user can create a link with reflected Javascript code inside it for services\u2019 page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-20680"
},
{
"name": "FEDORA-2022-5fab125c08",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/"
},
{
"name": "FEDORA-2022-d714c0d39c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/"
},
{
"name": "FEDORA-2022-19a9053f17",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/"
},
{
"name": "[debian-lts-announce] 20220412 [SECURITY] [DLA 2980-1] zabbix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00011.html"
},
{
"name": "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Reflected XSS in service configuration window of Zabbix Frontend",
"workarounds": [
{
"lang": "en",
"value": "No workaround"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-24917",
"datePublished": "2022-03-09T19:30:28.388962Z",
"dateReserved": "2022-02-10T00:00:00",
"dateUpdated": "2024-09-17T03:42:34.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32725
Vulnerability from cvelistv5
Published
2023-12-18 09:15
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-23854"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Server",
"Web service"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "6.0.22rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.21",
"status": "affected",
"version": "6.0.0 ",
"versionType": "git"
},
{
"changes": [
{
"at": "6.4.7rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.6",
"status": "affected",
"version": "6.4.0",
"versionType": "git"
},
{
"changes": [
{
"at": "7.0.0alpha4",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.0.0alpha3",
"status": "affected",
"version": "7.0.0alpha1 ",
"versionType": "git"
}
]
}
],
"datePublic": "2023-11-06T08:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user."
}
],
"value": "The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
},
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-565",
"description": "CWE-565 Reliance on Cookies without Validation and Integrity Checking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T09:15:23.931Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-23854"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-32725",
"datePublished": "2023-12-18T09:15:23.931Z",
"dateReserved": "2023-05-11T21:25:43.368Z",
"dateUpdated": "2024-08-02T15:25:36.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35230
Vulnerability from cvelistv5
Published
2022-07-06 11:05
Modified
2024-09-16 22:10
Severity ?
EPSS score ?
Summary
Reflected XSS in graphs page of Zabbix Frontend
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:29:17.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-21305"
},
{
"name": "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "4.0.0-4.0.42"
},
{
"status": "affected",
"version": "5.0.0-5.0.24"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "internal research"
}
],
"datePublic": "2022-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-21305"
},
{
"name": "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Reflected XSS in graphs page of Zabbix Frontend",
"workarounds": [
{
"lang": "en",
"value": "The vulnerability can be exploited only by authenticated users. If an immediate update is not possible, review user access rights to your Zabbix Frontend, be attentive to browser warnings and always check any links you can receive via email or other means of communication, which lead to the graphs.php page of Zabbix Frontend and contain suspicious parameters with special symbols. If you have clicked on the suspicious link, do not fill out the opened form"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-35230",
"datePublished": "2022-07-06T11:05:14.025474Z",
"dateReserved": "2022-07-05T00:00:00",
"dateUpdated": "2024-09-16T22:10:24.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24919
Vulnerability from cvelistv5
Published
2022-03-09 19:30
Modified
2024-09-17 02:16
Severity ?
EPSS score ?
Summary
Reflected XSS in graph configuration window of Zabbix Frontend
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:01.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-20680"
},
{
"name": "FEDORA-2022-5fab125c08",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/"
},
{
"name": "FEDORA-2022-d714c0d39c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/"
},
{
"name": "FEDORA-2022-19a9053f17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/"
},
{
"name": "[debian-lts-announce] 20220412 [SECURITY] [DLA 2980-1] zabbix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00011.html"
},
{
"name": "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "4.0.0-4.0.38"
},
{
"status": "affected",
"version": "5.0.0-5.0.20"
},
{
"status": "affected",
"version": "5.4.0-5.4.10"
},
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.0.39rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "5.0.21rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "5.4.11rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "6.0.1rc1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "internal research"
}
],
"datePublic": "2022-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An authenticated user can create a link with reflected Javascript code inside it for graphs\u2019 page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-20680"
},
{
"name": "FEDORA-2022-5fab125c08",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/"
},
{
"name": "FEDORA-2022-d714c0d39c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/"
},
{
"name": "FEDORA-2022-19a9053f17",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/"
},
{
"name": "[debian-lts-announce] 20220412 [SECURITY] [DLA 2980-1] zabbix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00011.html"
},
{
"name": "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Reflected XSS in graph configuration window of Zabbix Frontend",
"workarounds": [
{
"lang": "en",
"value": "No workaround"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-24919",
"datePublished": "2022-03-09T19:30:31.234041Z",
"dateReserved": "2022-02-10T00:00:00",
"dateUpdated": "2024-09-17T02:16:12.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29456
Vulnerability from cvelistv5
Published
2023-07-13 09:33
Modified
2024-10-22 16:21
Severity ?
EPSS score ?
Summary
Inefficient URL schema validation
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:07:46.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-22987"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29456",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T16:19:48.186851Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T16:21:29.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Frontend"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "4.0.47rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.0.46",
"status": "affected",
"version": "4.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "5.0.36rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.35",
"status": "affected",
"version": "5.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.0.19rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.4.4rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.3",
"status": "affected",
"version": "6.4.0",
"versionType": "git"
},
{
"changes": [
{
"at": "7.0.0alpha2",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.0.0alpha1 ",
"status": "affected",
"version": "7.0.0alpha1",
"versionType": "git"
}
]
}
],
"datePublic": "2023-06-16T11:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "URL validation scheme receives input from a user and then parses it to identify its various components. The validation scheme can ensure that all URL components comply with internet standards.\u003cbr\u003e"
}
],
"value": "URL validation scheme receives input from a user and then parses it to identify its various components. The validation scheme can ensure that all URL components comply with internet standards.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-27T13:35:49.537Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-22987"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Inefficient URL schema validation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-29456",
"datePublished": "2023-07-13T09:33:32.720Z",
"dateReserved": "2023-04-06T18:04:44.892Z",
"dateUpdated": "2024-10-22T16:21:29.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-30958
Vulnerability from cvelistv5
Published
2023-08-03 21:09
Modified
2024-10-09 20:10
Severity ?
EPSS score ?
Summary
DOM XSS in Developer mode dashboard via redirect GET parameter
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Palantir | com.palantir.foundry:foundry-frontend |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:24.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://palantir.safebase.us/?tcuUid=5764b094-d3c0-4380-90f2-234f36116c9b"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30958",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T19:26:22.213930Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T20:10:39.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "com.palantir.foundry:foundry-frontend",
"vendor": "Palantir",
"versions": [
{
"lessThan": "6.225.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A security defect was identified in Foundry Frontend that enabled users to potentially conduct DOM XSS attacks if Foundry\u0027s CSP were to be bypassed.\n\nThis defect was resolved with the release of Foundry Frontend 6.225.0.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-588",
"descriptions": [
{
"lang": "en",
"value": "This type of attack is a form of Cross-Site Scripting (XSS) where a malicious script is inserted into the client-side HTML being parsed by a web browser. Content served by a vulnerable web application includes script code used to manipulate the Document Object Model (DOM). This script code either does not properly validate input, or does not perform proper output encoding, thus creating an opportunity for an adversary to inject a malicious script launch a XSS attack. A key distinction between other XSS attacks and DOM-based attacks is that in other XSS attacks, the malicious script runs when the vulnerable web page is initially loaded, while a DOM-based attack executes sometime after the page loads. Another distinction of DOM-based attacks is that in some cases, the malicious script is never sent to the vulnerable web server at all. An attack like this is guaranteed to bypass any server-side filtering attempts to protect users."
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-83",
"description": "The product does not neutralize or incorrectly neutralizes \"javascript:\" or other URIs from dangerous attributes within tags, such as onmouseover, onload, onerror, or style.",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-03T21:09:10.026Z",
"orgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
"shortName": "Palantir"
},
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=5764b094-d3c0-4380-90f2-234f36116c9b"
}
],
"source": {
"defect": [
"PLTRSEC-2023-27"
],
"discovery": "EXTERNAL"
},
"title": "DOM XSS in Developer mode dashboard via redirect GET parameter"
}
},
"cveMetadata": {
"assignerOrgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
"assignerShortName": "Palantir",
"cveId": "CVE-2023-30958",
"datePublished": "2023-08-03T21:09:10.026Z",
"dateReserved": "2023-04-21T11:25:51.028Z",
"dateUpdated": "2024-10-09T20:10:39.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23134
Vulnerability from cvelistv5
Published
2022-01-13 15:50
Modified
2024-09-16 22:41
Severity ?
EPSS score ?
Summary
Possible view of the setup pages by unauthenticated users if config file already exists
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.zabbix.com/browse/ZBX-20384 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.debian.org/debian-lts-announce/2022/02/msg00008.html | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.017Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-20384"
},
{
"name": "FEDORA-2022-dfe346f53f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/"
},
{
"name": "FEDORA-2022-1a667b0f90",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/"
},
{
"name": "[debian-lts-announce] 20220207 [SECURITY] [DLA 2914-1] zabbix security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00008.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "5.4.0 - 5.4.8"
},
{
"lessThan": "5.4.9*",
"status": "unaffected",
"version": "5.4.9",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Zabbix wants to thank Thomas Chauchefoin from SonarSource for reporting this issue to us"
}
],
"datePublic": "2021-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-07T23:06:09",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.zabbix.com/browse/ZBX-20384"
},
{
"name": "FEDORA-2022-dfe346f53f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/"
},
{
"name": "FEDORA-2022-1a667b0f90",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/"
},
{
"name": "[debian-lts-announce] 20220207 [SECURITY] [DLA 2914-1] zabbix security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00008.html"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates or if an immediate update is not possible, follow the presented workarounds."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Possible view of the setup pages by unauthenticated users if config file already exists",
"workarounds": [
{
"lang": "en",
"value": "If an immediate update is not possible, please remove the setup.php file"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zabbix.com",
"DATE_PUBLIC": "2021-12-20T09:53:00.000Z",
"ID": "CVE-2022-23134",
"STATE": "PUBLIC",
"TITLE": "Possible view of the setup pages by unauthenticated users if config file already exists"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Frontend",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.4.0 - 5.4.8",
"version_value": "5.4.0 - 5.4.8"
},
{
"version_affected": "!\u003e=",
"version_name": "5.4.9",
"version_value": "5.4.9"
}
]
}
}
]
},
"vendor_name": "Zabbix"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Zabbix wants to thank Thomas Chauchefoin from SonarSource for reporting this issue to us"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.zabbix.com/browse/ZBX-20384",
"refsource": "MISC",
"url": "https://support.zabbix.com/browse/ZBX-20384"
},
{
"name": "FEDORA-2022-dfe346f53f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/"
},
{
"name": "FEDORA-2022-1a667b0f90",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/"
},
{
"name": "[debian-lts-announce] 20220207 [SECURITY] [DLA 2914-1] zabbix security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00008.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates or if an immediate update is not possible, follow the presented workarounds."
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "If an immediate update is not possible, please remove the setup.php file"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-23134",
"datePublished": "2022-01-13T15:50:42.946084Z",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-09-16T22:41:21.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29457
Vulnerability from cvelistv5
Published
2023-07-13 09:35
Modified
2024-10-21 21:09
Severity ?
EPSS score ?
Summary
Insufficient validation of Action form input fields
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:07:46.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-22988"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T21:06:43.942933Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T21:09:50.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Frontend"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "4.0.46rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.0.45",
"status": "affected",
"version": "4.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "5.0.35rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.34",
"status": "affected",
"version": "5.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.0.18rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.17",
"status": "affected",
"version": "6.0.0",
"versionType": "git"
}
]
}
],
"datePublic": "2023-06-16T11:11:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected XSS attacks, occur when a malicious script is reflected off a web application to the victim\u0027s browser. The script can be activated through Action form fields, which can be sent as request to a website with a vulnerability that enables execution of malicious scripts."
}
],
"value": "Reflected XSS attacks, occur when a malicious script is reflected off a web application to the victim\u0027s browser. The script can be activated through Action form fields, which can be sent as request to a website with a vulnerability that enables execution of malicious scripts."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T09:35:24.594Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-22988"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficient validation of Action form input fields",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-29457",
"datePublished": "2023-07-13T09:35:24.594Z",
"dateReserved": "2023-04-06T18:04:44.892Z",
"dateUpdated": "2024-10-21T21:09:50.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24349
Vulnerability from cvelistv5
Published
2022-03-09 19:30
Modified
2024-09-16 18:45
Severity ?
EPSS score ?
Summary
Reflected XSS in action configuration window of Zabbix Frontend
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-20680"
},
{
"name": "FEDORA-2022-5fab125c08",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/"
},
{
"name": "FEDORA-2022-d714c0d39c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/"
},
{
"name": "FEDORA-2022-19a9053f17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/"
},
{
"name": "[debian-lts-announce] 20220412 [SECURITY] [DLA 2980-1] zabbix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00011.html"
},
{
"name": "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "4.0.0-4.0.38"
},
{
"status": "affected",
"version": "5.0.0-5.0.20"
},
{
"status": "affected",
"version": "5.4.0-5.4.10"
},
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.0.39rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "5.0.21rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "5.4.11rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "6.0.1rc1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "internal research"
}
],
"datePublic": "2022-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An authenticated user can create a link with reflected XSS payload for actions\u2019 pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors - an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim\u2019s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-20680"
},
{
"name": "FEDORA-2022-5fab125c08",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/"
},
{
"name": "FEDORA-2022-d714c0d39c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/"
},
{
"name": "FEDORA-2022-19a9053f17",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/"
},
{
"name": "[debian-lts-announce] 20220412 [SECURITY] [DLA 2980-1] zabbix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00011.html"
},
{
"name": "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Reflected XSS in action configuration window of Zabbix Frontend",
"workarounds": [
{
"lang": "en",
"value": "The vulnerability can be exploited only by authenticated users. If an immediate update is not possible, review user access rights to your Zabbix Frontend, be attentive to browser warnings and always check any links you can receive via email or other means of communication, which lead to the actionconf.php page of Zabbix Frontend and contain suspicious parameters with special symbols. If you have clicked on the suspicious link, do not fill out the opened form."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-24349",
"datePublished": "2022-03-09T19:30:26.724288Z",
"dateReserved": "2022-02-02T00:00:00",
"dateUpdated": "2024-09-16T18:45:12.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-40626
Vulnerability from cvelistv5
Published
2022-09-14 06:55
Modified
2024-09-16 19:19
Severity ?
EPSS score ?
Summary
Reflected XSS in the backurl parameter of Zabbix Frontend
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.zabbix.com/browse/ZBX-21350 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPU4RCRYVNVM3SS523UQXE63ATCTEX5G/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-21350"
},
{
"name": "FEDORA-2022-0d56cb7ee4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPU4RCRYVNVM3SS523UQXE63ATCTEX5G/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "6.0.0-6.0.6"
},
{
"status": "affected",
"version": "6.2.0"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "6.0.7rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "6.2.1rc1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "internal research"
}
],
"datePublic": "2022-07-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-19T01:06:09",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.zabbix.com/browse/ZBX-21350"
},
{
"name": "FEDORA-2022-0d56cb7ee4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPU4RCRYVNVM3SS523UQXE63ATCTEX5G/"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Reflected XSS in the backurl parameter of Zabbix Frontend",
"workarounds": [
{
"lang": "en",
"value": "The vulnerability can be exploited only by authenticated users. If an immediate update is not possible, review user access rights to your Zabbix Frontend, be attentive to browser warnings and always check any links you can receive via email or other means of communication, which lead to Zabbix Frontend and contain suspicious parameters with special symbols."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "ZBV-2022-07-1",
"ASSIGNER": "security@zabbix.com",
"DATE_PUBLIC": "2022-07-08T10:37:00.000Z",
"ID": "CVE-2022-40626",
"STATE": "PUBLIC",
"TITLE": "Reflected XSS in the backurl parameter of Zabbix Frontend"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Frontend",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "6.0.0-6.0.6"
},
{
"version_affected": "=",
"version_value": "6.2.0"
},
{
"version_affected": "!\u003e=",
"version_value": "6.0.7rc1"
},
{
"version_affected": "!\u003e=",
"version_value": "6.2.1rc1"
}
]
}
}
]
},
"vendor_name": "Zabbix"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "internal research"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.zabbix.com/browse/ZBX-21350",
"refsource": "MISC",
"url": "https://support.zabbix.com/browse/ZBX-21350"
},
{
"name": "FEDORA-2022-0d56cb7ee4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPU4RCRYVNVM3SS523UQXE63ATCTEX5G/"
}
]
},
"solution": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates"
}
],
"source": {
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "The vulnerability can be exploited only by authenticated users. If an immediate update is not possible, review user access rights to your Zabbix Frontend, be attentive to browser warnings and always check any links you can receive via email or other means of communication, which lead to Zabbix Frontend and contain suspicious parameters with special symbols."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-40626",
"datePublished": "2022-09-14T06:55:08.852950Z",
"dateReserved": "2022-09-13T00:00:00",
"dateUpdated": "2024-09-16T19:19:37.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23131
Vulnerability from cvelistv5
Published
2022-01-13 15:50
Modified
2024-09-16 16:52
Severity ?
EPSS score ?
Summary
Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.zabbix.com/browse/ZBX-20350 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-20350"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "5.4.0 - 5.4.8"
},
{
"lessThan": "5.4.9*",
"status": "unaffected",
"version": "5.4.9",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Zabbix wants to thank Thomas Chauchefoin from SonarSource for reporting this issue to us"
}
],
"datePublic": "2021-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-13T15:50:39",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.zabbix.com/browse/ZBX-20350"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, install the updates or if an immediate update is not possible, follow the presented workarounds."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML",
"workarounds": [
{
"lang": "en",
"value": "Disable SAML authentication"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zabbix.com",
"DATE_PUBLIC": "2021-11-22T14:03:00.000Z",
"ID": "CVE-2022-23131",
"STATE": "PUBLIC",
"TITLE": "Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Frontend",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.4.0 - 5.4.8",
"version_value": "5.4.0 - 5.4.8"
},
{
"version_affected": "!\u003e=",
"version_name": "5.4.9",
"version_value": "5.4.9"
}
]
}
}
]
},
"vendor_name": "Zabbix"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Zabbix wants to thank Thomas Chauchefoin from SonarSource for reporting this issue to us"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-290 Authentication Bypass by Spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.zabbix.com/browse/ZBX-20350",
"refsource": "MISC",
"url": "https://support.zabbix.com/browse/ZBX-20350"
}
]
},
"solution": [
{
"lang": "en",
"value": "To remediate this vulnerability, install the updates or if an immediate update is not possible, follow the presented workarounds."
}
],
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Disable SAML authentication"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-23131",
"datePublished": "2022-01-13T15:50:39.137588Z",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-09-16T16:52:43.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29455
Vulnerability from cvelistv5
Published
2023-07-13 09:33
Modified
2024-10-21 21:09
Severity ?
EPSS score ?
Summary
Reflected XSS in several fields of graph form
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:07:46.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-22986"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29455",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T21:06:45.657463Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T21:09:57.121Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Frontend"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "4.0.46rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.0.45",
"status": "affected",
"version": "4.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "5.0.35rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.33",
"status": "affected",
"version": "5.0.0",
"versionType": "git"
}
]
}
],
"datePublic": "2023-06-16T10:57:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application to the victim\u0027s browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts."
}
],
"value": "Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application to the victim\u0027s browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T09:33:18.965Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-22986"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Reflected XSS in several fields of graph form",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-29455",
"datePublished": "2023-07-13T09:33:18.965Z",
"dateReserved": "2023-04-06T18:04:44.892Z",
"dateUpdated": "2024-10-21T21:09:57.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43515
Vulnerability from cvelistv5
Published
2022-12-12 01:49
Modified
2024-09-16 17:54
Severity ?
EPSS score ?
Summary
X-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:32:59.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-22050"
},
{
"name": "[debian-lts-announce] 20230822 [SECURITY] [DLA 3538-1] zabbix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "4.0.0-4.0.44"
},
{
"status": "affected",
"version": "5.0.0-5.0.29"
},
{
"status": "affected",
"version": "6.0.0-6.0.9"
},
{
"status": "affected",
"version": "6.2.0-6.2.4"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "5.0.30rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "6.0.11rc1",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "6.2.5rc1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "osman1337"
}
],
"datePublic": "2022-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-22T15:06:26.999537",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-22050"
},
{
"name": "[debian-lts-announce] 20230822 [SECURITY] [DLA 3538-1] zabbix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates listed in the \u0027Unaffected\u0027 section to appropriate products or use the workaround"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "X-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode",
"workarounds": [
{
"lang": "en",
"value": "If an immediate update is not possible, limit network access to Zabbix Frontend during the maintenance window."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-43515",
"datePublished": "2022-12-12T01:49:10.008967Z",
"dateReserved": "2022-10-19T00:00:00",
"dateUpdated": "2024-09-16T17:54:03.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23133
Vulnerability from cvelistv5
Published
2022-01-13 15:50
Modified
2024-09-16 21:08
Severity ?
EPSS score ?
Summary
Stored XSS in host groups configuration window in Zabbix Frontend
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.zabbix.com/browse/ZBX-20388 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:19.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-20388"
},
{
"name": "FEDORA-2022-dfe346f53f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/"
},
{
"name": "FEDORA-2022-1a667b0f90",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Frontend",
"vendor": "Zabbix",
"versions": [
{
"status": "affected",
"version": "5.0.0 \u2013 5.0.18"
},
{
"status": "affected",
"version": "5.4.0 \u2013 5.4.8"
},
{
"lessThan": "5.0.19*",
"status": "unaffected",
"version": "5.0.19",
"versionType": "custom"
},
{
"lessThan": "5.4.9*",
"status": "unaffected",
"version": "5.4.9",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Zabbix wants to thank Hazem Osama for reporting this issue to us"
}
],
"datePublic": "2021-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-23T03:06:27",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.zabbix.com/browse/ZBX-20388"
},
{
"name": "FEDORA-2022-dfe346f53f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/"
},
{
"name": "FEDORA-2022-1a667b0f90",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/"
}
],
"solutions": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Stored XSS in host groups configuration window in Zabbix Frontend",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zabbix.com",
"DATE_PUBLIC": "2021-12-08T14:30:00.000Z",
"ID": "CVE-2022-23133",
"STATE": "PUBLIC",
"TITLE": "Stored XSS in host groups configuration window in Zabbix Frontend"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Frontend",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.0.0 \u2013 5.0.18",
"version_value": "5.0.0 \u2013 5.0.18"
},
{
"version_affected": "=",
"version_name": "5.4.0 \u2013 5.4.8",
"version_value": "5.4.0 \u2013 5.4.8"
},
{
"version_affected": "!\u003e=",
"version_name": "5.0.19",
"version_value": "5.0.19"
},
{
"version_affected": "!\u003e=",
"version_name": "5.4.9",
"version_value": "5.4.9"
}
]
}
}
]
},
"vendor_name": "Zabbix"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Zabbix wants to thank Hazem Osama for reporting this issue to us"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.zabbix.com/browse/ZBX-20388",
"refsource": "MISC",
"url": "https://support.zabbix.com/browse/ZBX-20388"
},
{
"name": "FEDORA-2022-dfe346f53f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/"
},
{
"name": "FEDORA-2022-1a667b0f90",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/"
}
]
},
"solution": [
{
"lang": "en",
"value": "To remediate this vulnerability, apply the updates."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2022-23133",
"datePublished": "2022-01-13T15:50:41.726421Z",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-09-16T21:08:55.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}