13 matches found
Exploit for Authentication Bypass by Spoofing in Zabbix
CVE-2022-23131 Zabbix Frontend Authentication Bypass Vulnerabi...
Exploit for Authentication Bypass by Spoofing in Zabbix
CVE-2022-23131 Zabbix SAML Authentication Exploit This Python...
Exploit for Authentication Bypass by Spoofing in Zabbix
CVE-2022-23131poc-exp-zabbix CVE-2022-23131 Vulnerability Ba...
Exploit for Authentication Bypass by Spoofing in Zabbix
CVE-2022-23131poc-exp-zabbix CVE-2022-23131 Vulnerability Ba...
Zabbix Web Frontend Authentication Bypass (CVE-2022-23131)
An authentication bypass vulnerability exists in Zabbix Web Frontend. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
CISA Alerts on Actively Exploited Flaws in Zabbix Network Monitoring Platform
The U.S. Cybersecurity and Infrastructure Security Agency CISA has warned of active exploitation of two security flaws impacting Zabbix open-source enterprise monitoring platform, adding them to its Known Exploited Vulnerabilities Catalog. On top of that, CISA is also recommending that Federal...
Exploit for Authentication Bypass by Spoofing in Zabbix
Zabbix SAML SSO Login Bypass Vulnerability CVE-2022-23131 Env...
CVE-2022-23131
creationtimestamp| type| source ---|---|--- 2022-01-13 18:18:30+00:00| seen| https://t.me/cibsecurity/35414 2022-02-19 13:30:24+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/5445 2022-02-20 10:36:27+00:00| published-proof-of-concept| https://t.me/windef/100 2022-02-24...
CVE-2022-23131
In the case of instances where the SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to...
CVE-2022-23131 Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML
In the case of instances where the SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to...
CVE-2022-23131
CVE-2022-23131 affects the Zabbix Frontend when SAML SSO is enabled (non-default). A malicious, unauthenticated actor can modify session data because user logins stored in the session are not verified, potentially escalating privileges to admin and taking over the frontend. The vulnerability requ...
CVE-2022-23131 Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML
In the case of instances where the SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to...
CVE-2022-23131
In the case of instances where the SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to...