CVE-2022-23134

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-23134 is an authentication bypass vulnerability discovered in the Zabbix web frontend. This flaw could allow attackers to access sensitive information or perform unauthorized actions on the system. The vulnerability occurs due to a lack of proper validation of user input in the login form, specifically the "autologin" parameter. According to the attack information available, this vulnerability was exploited by attackers to bypass authentication and gain unauthorized access to systems using the affected Zabbix web frontend. The exact timeline of the attacks is not clear, but it is likely that they occurred after the vulnerability was publicly disclosed. To protect against this vulnerability, users can apply the Zabbix Web Frontend Authentication Bypass (CVE-2022-23134) protection in their Intrusion Prevention System (IPS). This protection can be found in the IPS tab by searching for the CVE number and editing its settings. Additionally, it is recommended to update to the latest version of the software, which includes a fix for this vulnerability.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-23134 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
Checkpoint
a year ago
CPAI-2022-0056 - Check Point Software