CVE-2022-23131 - Zabbix Frontend Authentication Bypass Vulnerability
Project:Zabbix
Product:Frontend
Date Added:2022-02-22Due Date:2022-03-08
Vulnerability Name
Zabbix Frontend Authentication Bypass Vulnerability
Description
Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-23131