Wind River Support Network

HomeDefectsLIN1019-8815
Fixed

LIN1019-8815 : Security Advisory - zabbix - CVE-2022-40626

Created: Sep 13, 2022    Updated: Sep 22, 2022
Resolved Date: Sep 22, 2022
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.

https://nvd.nist.gov/vuln/detail/CVE-2022-40626
  • Linkedin
  • Facebook
  • Twitter
  • Youtube