CVE-2023-29450 - OpenCVE

JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Zabbix	Zabbix

Configuration 1 [-]

OR	cpe:2.3:a:zabbix:zabbix::::::::
	cpe:2.3:a:zabbix:zabbix::::::::
	cpe:2.3:a:zabbix:zabbix::::::::
	cpe:2.3:a:zabbix:zabbix::::::::

References

Link	Resource
https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html
https://support.zabbix.com/browse/ZBX-22588	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Zabbix

Published: 2023-07-13T08:25:27.911Z

Updated: 2023-07-13T08:25:27.911Z

Reserved: 2023-04-06T18:04:44.891Z

Link: CVE-2023-29450

JSON object: View

NVD Information

Status : Modified

Published: 2023-07-13T09:15:09.660

Modified: 2023-08-22T19:16:34.983

Link: CVE-2023-29450

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-29450", "assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "state": "PUBLISHED", "assignerShortName": "Zabbix", "dateReserved": "2023-04-06T18:04:44.891Z", "datePublished": "2023-07-13T08:25:27.911Z", "dateUpdated": "2023-07-13T08:25:27.911Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Server", "Proxy"], "product": "Zabbix", "repo": "https://git.zabbix.com/", "vendor": "Zabbix", "versions": [{"changes": [{"at": "5.0.32rc1", "status": "unaffected"}], "lessThanOrEqual": "5.0.31", "status": "affected", "version": "5.0", "versionType": "git"}, {"changes": [{"at": "6.0.14rc1 (6.0.16 is recommended)", "status": "unaffected"}], "lessThanOrEqual": "6.0.13", "status": "affected", "version": "6.0", "versionType": "git"}, {"changes": [{"at": "6.2.8rc1", "status": "unaffected"}], "lessThanOrEqual": "6.2.7", "status": "affected", "version": "6.2", "versionType": "git"}, {"changes": [{"at": "6.4.0rc2", "status": "unaffected"}], "lessThanOrEqual": "6.4.0rc1", "status": "affected", "version": "6.4", "versionType": "git"}]}], "datePublic": "2023-02-23T08:03:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user \"zabbix\") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data."}], "value": "JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user \"zabbix\") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data."}], "impacts": [{"capecId": "CAPEC-410", "descriptions": [{"lang": "en", "value": "CAPEC-410 Information Elicitation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-552", "description": "CWE-552 Files or Directories Accessible to External Parties", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "shortName": "Zabbix", "dateUpdated": "2023-07-13T08:25:27.911Z"}, "references": [{"url": "https://support.zabbix.com/browse/ZBX-22588"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Unauthorized limited filesystem access from preprocessing", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "F04570DF-A096-42C3-B16D-1B134B009F3D", "versionEndIncluding": "5.0.33", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "221530A4-AB8C-434C-BB41-F5A5E98317B4", "versionEndIncluding": "6.0.15", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "9FB7A41B-6B72-4A37-8A30-AA23BADAE942", "versionEndIncluding": "6.4.1", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5B6F1C5-A8C8-4F4B-848C-5585523280E0", "versionEndIncluding": "6.4.4", "versionStartIncluding": "6.4.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user \"zabbix\") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data."}], "id": "CVE-2023-29450", "lastModified": "2023-08-22T19:16:34.983", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 6.0, "source": "security@zabbix.com", "type": "Secondary"}]}, "published": "2023-07-13T09:15:09.660", "references": [{"source": "security@zabbix.com", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"}, {"source": "security@zabbix.com", "tags": ["Vendor Advisory"], "url": "https://support.zabbix.com/browse/ZBX-22588"}], "sourceIdentifier": "security@zabbix.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-552"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-552"}], "source": "security@zabbix.com", "type": "Secondary"}]}