CVE-2022-23134 is an authentication bypass vulnerability discovered in the Zabbix web frontend. This flaw could allow attackers to access sensitive information or perform unauthorized actions on the system. The vulnerability occurs due to a lack of proper validation of user input in the login form, specifically the "autologin" parameter.
According to the attack information available, this vulnerability was exploited by attackers to bypass authentication and gain unauthorized access to systems using the affected Zabbix web frontend. The exact timeline of the attacks is not clear, but it is likely that they occurred after the vulnerability was publicly disclosed.
To protect against this vulnerability, users can apply the Zabbix Web Frontend Authentication Bypass (CVE-2022-23134) protection in their Intrusion Prevention System (IPS). This protection can be found in the IPS tab by searching for the CVE number and editing its settings. Additionally, it is recommended to update to the latest version of the software, which includes a fix for this vulnerability.