What is CVE-2022-43515?

CVE-2022-43515 is a medium-severity vulnerability in Zabbix Frontend, classified under Improper Input Validation. CVSS score: 5.3/10. Published 2022-12-12.

How severe is CVE-2022-43515?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Improper input validation in Zabbix Frontend

CVE-2022-43515

Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained a…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.001 (33.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.

Affected products

Zabbix Frontend — versions 4.0.0-4.0.44, 5.0.0-5.0.29, 6.0.0-6.0.9

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

support.zabbix.com/browse/ZBX-22050
[debian-lts-announce] 20230822 [SECURITY] [DLA 3538-1] zabbix security update (mailing-list)

Frequently asked questions

What is CVE-2022-43515?: CVE-2022-43515 is a medium-severity vulnerability in Zabbix Frontend, classified under Improper Input Validation. CVSS score: 5.3/10. Published 2022-12-12.
How severe is CVE-2022-43515?: Medium severity. CVSS v3 base score is 5.3 out of 10.