Lucene search
K

13 matches found

GithubExploit
GithubExploit
added 2024/10/25 1:44 p.m.641 views

Exploit for Authentication Bypass by Spoofing in Zabbix

CVE-2022-23131 Zabbix Frontend Authentication Bypass Vulnerabi...

9.8CVSS9.3AI score0.95683EPSS
Exploits9
GithubExploit
GithubExploit
added 2024/09/18 3:42 p.m.676 views

Exploit for Authentication Bypass by Spoofing in Zabbix

CVE-2022-23131 Zabbix SAML Authentication Exploit This Python...

9.8CVSS9.7AI score0.95683EPSS
Exploits9
GithubExploit
GithubExploit
added 2022/07/22 5:48 a.m.442 views

Exploit for Authentication Bypass by Spoofing in Zabbix

CVE-2022-23131poc-exp-zabbix CVE-2022-23131 Vulnerability Ba...

9.8CVSS7.5AI score0.95683EPSS
Exploits9
GithubExploit
GithubExploit
added 2022/07/22 5:48 a.m.233 views

Exploit for Authentication Bypass by Spoofing in Zabbix

CVE-2022-23131poc-exp-zabbix CVE-2022-23131 Vulnerability Ba...

9.8CVSS7.5AI score0.95683EPSS
Exploits9
Check Point Advisories
Check Point Advisories
added 2022/03/02 12:0 a.m.29 views

Zabbix Web Frontend Authentication Bypass (CVE-2022-23131)

An authentication bypass vulnerability exists in Zabbix Web Frontend. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

5.1CVSS5.4AI score0.95683EPSS
Exploits9
The Hacker News
The Hacker News
added 2022/02/24 12:16 p.m.132 views

CISA Alerts on Actively Exploited Flaws in Zabbix Network Monitoring Platform

The U.S. Cybersecurity and Infrastructure Security Agency CISA has warned of active exploitation of two security flaws impacting Zabbix open-source enterprise monitoring platform, adding them to its Known Exploited Vulnerabilities Catalog. On top of that, CISA is also recommending that Federal...

9.8CVSS1.4AI score0.95683EPSS
Exploits10
GithubExploit
GithubExploit
added 2022/02/24 8:10 a.m.1751 views

Exploit for Authentication Bypass by Spoofing in Zabbix

Zabbix SAML SSO Login Bypass Vulnerability CVE-2022-23131 Env...

9.8CVSS9.6AI score0.95683EPSS
Exploits9
Circl
Circl
added 2022/01/13 6:18 p.m.7 views

CVE-2022-23131

creationtimestamp| type| source ---|---|--- 2022-01-13 18:18:30+00:00| seen| https://t.me/cibsecurity/35414 2022-02-19 13:30:24+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/5445 2022-02-20 10:36:27+00:00| published-proof-of-concept| https://t.me/windef/100 2022-02-24...

9.8CVSS7.5AI score0.95683EPSS
Exploits9References25
UbuntuCve
UbuntuCve
added 2022/01/13 4:15 p.m.42 views

CVE-2022-23131

In the case of instances where the SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to...

9.8CVSS7.3AI score0.95683EPSS
Exploits9References2
Vulnrichment
Vulnrichment
added 2022/01/13 3:50 p.m.13 views

CVE-2022-23131 Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML

In the case of instances where the SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to...

9.1CVSS9.9AI score0.95683EPSS
Exploits9References1
CVE
CVE
added 2022/01/13 3:50 p.m.1730 views

CVE-2022-23131

CVE-2022-23131 affects the Zabbix Frontend when SAML SSO is enabled (non-default). A malicious, unauthenticated actor can modify session data because user logins stored in the session are not verified, potentially escalating privileges to admin and taking over the frontend. The vulnerability requ...

9.8CVSS9.8AI score0.95683EPSS
In wildExploits9References2Affected Software1
Cvelist
Cvelist
added 2022/01/13 3:50 p.m.28 views

CVE-2022-23131 Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML

In the case of instances where the SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to...

9.1CVSS10AI score0.95683EPSS
Exploits9References1
ATTACKERKB
ATTACKERKB
added 2021/11/22 12:0 a.m.35 views

CVE-2022-23131

In the case of instances where the SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to...

9.8CVSS3.1AI score0.95683EPSS
In wildExploits9References2
Rows per page
Query Builder