CVE-2022-24349

Reflected XSS in action configuration window of Zabbix Frontend

Description

An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors - an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel.

Remediation

Solution:

  • To remediate this vulnerability, apply the updates

Workaround:

  • The vulnerability can be exploited only by authenticated users. If an immediate update is not possible, review user access rights to your Zabbix Frontend, be attentive to browser warnings and always check any links you can receive via email or other means of communication, which lead to the actionconf.php page of Zabbix Frontend and contain suspicious parameters with special symbols. If you have clicked on the suspicious link, do not fill out the opened form.

Category

4.6
CVSS
Severity: Medium
CVSS 3.1 •
CVSS 2.0 •
EPSS 0.27%
Vendor Advisory fedoraproject.org Vendor Advisory fedoraproject.org Vendor Advisory fedoraproject.org Vendor Advisory zabbix.com
Affected: Zabbix Frontend
Published at:
Updated at:

References

Link Tags
https://support.zabbix.com/browse/ZBX-20680 issue tracking patch vendor advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V4N22R3QVTYAJMWFK2U2O6QXAZYM35Z/ vendor advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWDZONUHDYKBXTAIAGHSYQDEGORD2QT7/ vendor advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWP6UBFA5T6MOQPY2VDUG5YAJBFPYRFF/ vendor advisory
https://lists.debian.org/debian-lts-announce/2022/04/msg00011.html third party advisory mailing list
https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html mailing list

Frequently Asked Questions

What is the severity of CVE-2022-24349?
CVE-2022-24349 has been scored as a medium severity vulnerability.
How to fix CVE-2022-24349?
To fix CVE-2022-24349: To remediate this vulnerability, apply the updates
Is CVE-2022-24349 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-24349 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-24349?
CVE-2022-24349 affects Zabbix Frontend.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.