Home > Vulnerability Database > CVE-2022-43515

Mend.io Vulnerability Database

CVE-2022-43515

Date: December 11, 2022

Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range.

Language: PHP

Severity Score

5.3

Related Resources (6)

Url: https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html

Url: https://support.zabbix.com/browse/ZBXSEC-125

Url: https://support.zabbix.com/browse/ZBX-22050

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-43515

Url: https://security-tracker.debian.org/tracker/CVE-2022-43515

Url: https://www.mend.io/vulnerability-database/CVE-2022-43515

Severity Score

5.3

Weakness Type (CWE)

Improper Input Validation

CWE-20

Incorrect Authorization

CWE-863

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2022-43515

Date: December 11, 2022

Language: PHP

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?