CVE-2022-23131 - Zabbix 취약점

보안동향

CVE-2022-23131 - Zabbix 취약점

iiliiiili 2022. 2. 23. 15:52

https://nvd.nist.gov/vuln/detail/CVE-2022-23131

NVD - CVE-2022-23131

CVE-2022-23131 Detail Current Description In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthe

nvd.nist.gov

https://github.com/projectdiscovery/nuclei-templates/blob/master/cves/2022/CVE-2022-23131.yaml

GitHub - projectdiscovery/nuclei-templates: Community curated list of templates for the nuclei engine to find security vulnerabi

Community curated list of templates for the nuclei engine to find security vulnerabilities. - GitHub - projectdiscovery/nuclei-templates: Community curated list of templates for the nuclei engine t...

github.com

해당버전 : 5.4.0 ~ 5.4.8
CVSS 점수 : 9.8(critical)