Wind River Support Network

HomeDefectsLIN1021-4387
Fixed

LIN1021-4387 : Security Advisory - zabbix - CVE-2022-40626

Created: Sep 13, 2022    Updated: Sep 22, 2022
Resolved Date: Sep 22, 2022
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.

https://nvd.nist.gov/vuln/detail/CVE-2022-40626
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube