CVE-2022-43516 - Vulnerability Details - OpenCVE

A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.01161.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Microsoft	Windows Firewall
Zabbix	Zabbix

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:windows_firewall:-:::::::*
	cpe:2.3:a:zabbix:zabbix::::::::
	cpe:2.3:a:zabbix:zabbix::::::::
	cpe:2.3:a:zabbix:zabbix:6.0.12:rc1::::::
	cpe:2.3:a:zabbix:zabbix:6.2.6:rc1::::::

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2022-46514	A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)

Fixes

Solution

To remediate this vulnerability, apply the updates listed in the 'Unaffected' section to appropriate products or use the workaround

Workaround

If an immediate update is not possible, change the applied local firewall rule to allow the agent port only.

References

Link	Providers
https://support.zabbix.com/browse/ZBX-22002

History

Fri, 18 Apr 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Zabbix

Published: 2022-12-12T01:49:10.008Z

Updated: 2025-04-18T18:09:22.186Z

Reserved: 2022-10-19T00:00:00.000Z

Link: CVE-2022-43516

Vulnrichment

Updated: 2024-08-03T13:32:59.496Z

NVD

Status : Modified

Published: 2022-12-05T20:15:10.887

Modified: 2024-11-21T07:26:41.040

Link: CVE-2022-43516

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-43516", "assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "assignerShortName": "Zabbix", "datePublished": "2022-12-12T01:49:10.008Z", "dateUpdated": "2025-04-18T18:09:22.186Z", "dateReserved": "2022-10-19T00:00:00.000Z"}, "containers": {"cna": {"title": "Zabbix Agent installer adds \u201callow all TCP any any\u201d firewall rule", "datePublic": "2022-11-30T00:00:00.000Z", "providerMetadata": {"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "shortName": "Zabbix", "dateUpdated": "2022-12-05T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)"}], "affected": [{"vendor": "Zabbix", "product": "Zabbix agent (MSI packages)", "versions": [{"version": "Oct. 29, 2022 - Dec 2, 2022", "status": "affected"}, {"version": "Dec 3, 2022", "status": "unaffected", "lessThan": "unspecified", "versionType": "custom"}]}, {"vendor": "Zabbix", "product": "Zabbix agent 2 (MSI packages)", "versions": [{"version": "Oct. 29, 2022 - Dec 2, 2022", "status": "affected"}, {"version": "Dec 3, 2022", "status": "unaffected", "lessThan": "unspecified", "versionType": "custom"}]}], "references": [{"url": "https://support.zabbix.com/browse/ZBX-22002"}], "credits": [{"lang": "en", "value": "Joshua PowellNishiyama"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-16 Configuration", "cweId": "CWE-16"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"discovery": "INTERNAL"}, "workarounds": [{"lang": "en", "value": "If an immediate update is not possible, change the applied local firewall rule to allow the agent port only."}], "solutions": [{"lang": "en", "value": "To remediate this vulnerability, apply the updates listed in the 'Unaffected' section to appropriate products or use the workaround"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:32:59.496Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.zabbix.com/browse/ZBX-22002", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-18T18:08:51.614314Z", "id": "CVE-2022-43516", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-18T18:09:22.186Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.zabbix.com/browse/ZBX-22002", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:32:59.496Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-43516", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-18T18:08:51.614314Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-18T18:09:08.110Z"}}], "cna": {"title": "Zabbix Agent installer adds \u201callow all TCP any any\u201d firewall rule", "source": {"discovery": "INTERNAL"}, "credits": [{"lang": "en", "value": "Joshua PowellNishiyama"}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "Zabbix", "product": "Zabbix agent (MSI packages)", "versions": [{"status": "affected", "version": "Oct. 29, 2022 - Dec 2, 2022"}, {"status": "unaffected", "version": "Dec 3, 2022", "lessThan": "unspecified", "versionType": "custom"}]}, {"vendor": "Zabbix", "product": "Zabbix agent 2 (MSI packages)", "versions": [{"status": "affected", "version": "Oct. 29, 2022 - Dec 2, 2022"}, {"status": "unaffected", "version": "Dec 3, 2022", "lessThan": "unspecified", "versionType": "custom"}]}], "solutions": [{"lang": "en", "value": "To remediate this vulnerability, apply the updates listed in the 'Unaffected' section to appropriate products or use the workaround"}], "datePublic": "2022-11-30T00:00:00.000Z", "references": [{"url": "https://support.zabbix.com/browse/ZBX-22002"}], "workarounds": [{"lang": "en", "value": "If an immediate update is not possible, change the applied local firewall rule to allow the agent port only."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-16", "description": "CWE-16 Configuration"}]}], "providerMetadata": {"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "shortName": "Zabbix", "dateUpdated": "2022-12-05T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-43516", "state": "PUBLISHED", "dateUpdated": "2025-04-18T18:09:22.186Z", "dateReserved": "2022-10-19T00:00:00.000Z", "assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "datePublished": "2022-12-12T01:49:10.008Z", "assignerShortName": "Zabbix"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:windows_firewall:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE181B91-1359-4EB8-AB0C-CA1E328CD17B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD9C2674-6094-4E7B-9687-2C1C2EE3723F", "versionEndExcluding": "6.0.12", "versionStartIncluding": "6.0.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "01D2C148-527F-4C2D-B82A-95811DB1756F", "versionEndExcluding": "6.2.6", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:6.0.12:rc1:*:*:*:*:*:*", "matchCriteriaId": "C163CC6F-602E-404E-8155-14DFAC35781E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:6.2.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "550C55C9-BF75-4B88-8ACF-470FFC2F20C0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)"}, {"lang": "es", "value": "Una regla de firewall que permite todas las conexiones TCP entrantes a todos los programas desde cualquier fuente y a todos los puertos se crea en el Firewall de Windows despu\u00e9s de la instalaci\u00f3n del agente Zabbix (MSI)."}], "id": "CVE-2022-43516", "lastModified": "2024-11-21T07:26:41.040", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.7, "source": "security@zabbix.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-05T20:15:10.887", "references": [{"source": "security@zabbix.com", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://support.zabbix.com/browse/ZBX-22002"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://support.zabbix.com/browse/ZBX-22002"}], "sourceIdentifier": "security@zabbix.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-16"}], "source": "security@zabbix.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}