Here at Zabbix, the security of our product is our top priority. It has come to our attention that two potential CVE issues have been highlighted in tech media outlets – CVE-2022-23131 and CVE-2022-23134.
The most critical issue, CVE-2022-23131, affects only Zabbix instances where SAML SSO authentication is in use, while CVE-2022-23134 affects Zabbix 5.4.x releases older than Zabbix 5.4.9.
Zabbix is aware of the following vulnerabilities, and they have since been fixed in Zabbix version 5.4.9 and the stable release of Zabbix 6.0 LTS.
- CVE-2022-23131 – Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML
  - Affected versions: 5.4.0 – 5.4.8; 6.0.0alpha1
- CVE-2022-23134 – Possible view of the setup pages by unauthenticated users if config file already exists
  - Affected versions: 5.4.0 – 5.4.8; 6.0.0 – 6.0.0beta1
We urge everyone who is using the SAML SSO authentication features in their environment to update their Zabbix instance to one of the aforementioned versions, where these security vulnerabilities have been resolved.
To keep track of any potential Zabbix security issues, the affected versions, and the required updates, visit our public Zabbix Security Advisories and CVE database page.