github - ghsa-3g95-xf53-275x

ghsa-3g95-xf53-275x

Vulnerability from github

Published

2022-09-15 00:00

Modified

2022-09-17 00:00

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-40626"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-14T11:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.",
  "id": "GHSA-3g95-xf53-275x",
  "modified": "2022-09-17T00:00:42Z",
  "published": "2022-09-15T00:00:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40626"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPU4RCRYVNVM3SS523UQXE63ATCTEX5G"
    },
    {
      "type": "WEB",
      "url": "https://support.zabbix.com/browse/ZBX-21350"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

cve-2022-40626

Vulnerability from cvelistv5

Published

2022-09-14 06:55

Modified

2024-09-16 19:19

Severity ?

4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N

Summary

Reflected XSS in the backurl parameter of Zabbix Frontend

References

▼	URL	Tags
	https://support.zabbix.com/browse/ZBX-21350	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPU4RCRYVNVM3SS523UQXE63ATCTEX5G/	vendor-advisory, x_refsource_FEDORA

Impacted products

▼	Vendor	Product
	Zabbix	Frontend

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:21:46.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.zabbix.com/browse/ZBX-21350"
          },
          {
            "name": "FEDORA-2022-0d56cb7ee4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPU4RCRYVNVM3SS523UQXE63ATCTEX5G/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Frontend",
          "vendor": "Zabbix",
          "versions": [
            {
              "status": "affected",
              "version": "6.0.0-6.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.0"
            },
            {
              "lessThan": "unspecified",
              "status": "unaffected",
              "version": "6.0.7rc1",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "unaffected",
              "version": "6.2.1rc1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "internal research"
        }
      ],
      "datePublic": "2022-07-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Cross-site Scripting (XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-19T01:06:09",
        "orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
        "shortName": "Zabbix"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.zabbix.com/browse/ZBX-21350"
        },
        {
          "name": "FEDORA-2022-0d56cb7ee4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPU4RCRYVNVM3SS523UQXE63ATCTEX5G/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "To remediate this vulnerability, apply the updates"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Reflected XSS in the backurl parameter of Zabbix Frontend",
      "workarounds": [
        {
          "lang": "en",
          "value": "The vulnerability can be exploited only by authenticated users. If an immediate update is not possible, review user access rights to your Zabbix Frontend, be attentive to browser warnings and always check any links you can receive via email or other means of communication, which lead to Zabbix Frontend and contain suspicious parameters with special symbols."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "ZBV-2022-07-1",
          "ASSIGNER": "security@zabbix.com",
          "DATE_PUBLIC": "2022-07-08T10:37:00.000Z",
          "ID": "CVE-2022-40626",
          "STATE": "PUBLIC",
          "TITLE": "Reflected XSS in the backurl parameter of Zabbix Frontend"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Frontend",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "6.0.0-6.0.6"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "6.2.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_value": "6.0.7rc1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_value": "6.2.1rc1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Zabbix"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "internal research"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79 Cross-site Scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.zabbix.com/browse/ZBX-21350",
              "refsource": "MISC",
              "url": "https://support.zabbix.com/browse/ZBX-21350"
            },
            {
              "name": "FEDORA-2022-0d56cb7ee4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPU4RCRYVNVM3SS523UQXE63ATCTEX5G/"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "To remediate this vulnerability, apply the updates"
          }
        ],
        "source": {
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "The vulnerability can be exploited only by authenticated users. If an immediate update is not possible, review user access rights to your Zabbix Frontend, be attentive to browser warnings and always check any links you can receive via email or other means of communication, which lead to Zabbix Frontend and contain suspicious parameters with special symbols."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
    "assignerShortName": "Zabbix",
    "cveId": "CVE-2022-40626",
    "datePublished": "2022-09-14T06:55:08.852950Z",
    "dateReserved": "2022-09-13T00:00:00",
    "dateUpdated": "2024-09-16T19:19:37.577Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.