Design/Logic Flaw

2022-12-0519:15:00

PRIOn knowledge base

www.prio-n.com

zabbix

frontend

logic flaw

unauthorized access

ip addresses

nvd

9.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.8%

JSON

Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range.

CPENameOperatorVersion
frontendeq6.2.5 rc1
frontendeq6.0.11 rc1
frontendeq5.0.30 rc1
frontendge6.2.0
frontendle6.2.4
frontendge6.0.0
frontendle6.0.9
frontendge5.0.0
frontendle5.0.29
frontendge4.0.0

Name	Operator	Version
frontend	eq	6.2.5 rc1
frontend	eq	6.0.11 rc1
frontend	eq	5.0.30 rc1
frontend	ge	6.2.0
frontend	le	6.2.4
frontend	ge	6.0.0
frontend	le	6.0.9
frontend	ge	5.0.0
frontend	le	5.0.29
frontend	ge	4.0.0