Home > Vulnerability Database > CVE-2022-43515

Mend.io Vulnerability Database

CVE-2022-43515

Good to know:

Date: December 5, 2022

Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range.

Language: PHP

Severity Score

9.8

Related Resources (6)

Url: https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html

Url: https://support.zabbix.com/browse/ZBXSEC-125

Url: https://support.zabbix.com/browse/ZBX-22050

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-43515

Url: https://security-tracker.debian.org/tracker/CVE-2022-43515

Url: https://www.mend.io/vulnerability-database/CVE-2022-43515

Severity Score

9.8

Weakness Type (CWE)

Input Validation

CWE-20

Incorrect Authorization

CWE-863

Top Fix

Upgrade Version

Upgrade to version 5.0.30,6.0.11,6.2.5

Learn More

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2022-43515

Good to know:

Date: December 5, 2022

Language: PHP

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?