claytonvantol.us

SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2022-23131-zabbix-frontend.log

CVE-2022-23131 — Zabbix Frontend Authentication Bypass Vulnerability

2022-02-22 • CISA Known Exploited Vulnerability

[event] Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML.

> AFFECTED SOFTWARE

Field	Value
Vendor	Zabbix
Product	Frontend
CWE	CWE-290
CVE ID	CVE-2022-23131
Date Added	2022-02-22
Due Date	2022-03-08
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2022-03-08

> REFERENCES

[1] https://nvd.nist.gov/vuln/detail/CVE-2022-23131

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:14 UTC