CVE-2022-43516 - OpenCVE

A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows Firewall
Zabbix	Zabbix

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:windows_firewall:-:::::::*
	cpe:2.3:a:zabbix:zabbix::::::::
	cpe:2.3:a:zabbix:zabbix::::::::
	cpe:2.3:a:zabbix:zabbix:6.0.12:rc1::::::
	cpe:2.3:a:zabbix:zabbix:6.2.6:rc1::::::

No data.

References

Link	Providers
https://support.zabbix.com/browse/ZBX-22002

History

No history.

MITRE

Status: PUBLISHED

Assigner: Zabbix

Published: 2022-12-12T01:49:10.008967Z

Updated: 2024-09-16T20:22:44.845Z

Reserved: 2022-10-19T00:00:00

Link: CVE-2022-43516

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-12-05T20:15:10.887

Modified: 2022-12-07T17:23:42.017

Link: CVE-2022-43516

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-43516", "assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "assignerShortName": "Zabbix", "datePublished": "2022-12-12T01:49:10.008967Z", "dateUpdated": "2024-09-16T20:22:44.845Z", "dateReserved": "2022-10-19T00:00:00"}, "containers": {"cna": {"title": "Zabbix Agent installer adds \u201callow all TCP any any\u201d firewall rule", "datePublic": "2022-11-30T00:00:00", "providerMetadata": {"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "shortName": "Zabbix", "dateUpdated": "2022-12-05T00:00:00"}, "descriptions": [{"lang": "en", "value": "A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)"}], "affected": [{"vendor": "Zabbix", "product": "Zabbix agent (MSI packages)", "versions": [{"version": "Oct. 29, 2022 - Dec 2, 2022", "status": "affected"}, {"version": "Dec 3, 2022", "status": "unaffected", "lessThan": "unspecified", "versionType": "custom"}]}, {"vendor": "Zabbix", "product": "Zabbix agent 2 (MSI packages)", "versions": [{"version": "Oct. 29, 2022 - Dec 2, 2022", "status": "affected"}, {"version": "Dec 3, 2022", "status": "unaffected", "lessThan": "unspecified", "versionType": "custom"}]}], "references": [{"url": "https://support.zabbix.com/browse/ZBX-22002"}], "credits": [{"lang": "en", "value": "Joshua PowellNishiyama"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-16 Configuration", "cweId": "CWE-16"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"discovery": "INTERNAL"}, "workarounds": [{"lang": "en", "value": "If an immediate update is not possible, change the applied local firewall rule to allow the agent port only."}], "solutions": [{"lang": "en", "value": "To remediate this vulnerability, apply the updates listed in the 'Unaffected' section to appropriate products or use the workaround"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:32:59.496Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.zabbix.com/browse/ZBX-22002", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:windows_firewall:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE181B91-1359-4EB8-AB0C-CA1E328CD17B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD9C2674-6094-4E7B-9687-2C1C2EE3723F", "versionEndExcluding": "6.0.12", "versionStartIncluding": "6.0.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "01D2C148-527F-4C2D-B82A-95811DB1756F", "versionEndExcluding": "6.2.6", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:6.0.12:rc1:*:*:*:*:*:*", "matchCriteriaId": "C163CC6F-602E-404E-8155-14DFAC35781E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:6.2.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "550C55C9-BF75-4B88-8ACF-470FFC2F20C0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)"}, {"lang": "es", "value": "Una regla de firewall que permite todas las conexiones TCP entrantes a todos los programas desde cualquier fuente y a todos los puertos se crea en el Firewall de Windows despu\u00e9s de la instalaci\u00f3n del agente Zabbix (MSI)."}], "id": "CVE-2022-43516", "lastModified": "2022-12-07T17:23:42.017", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.7, "source": "security@zabbix.com", "type": "Secondary"}]}, "published": "2022-12-05T20:15:10.887", "references": [{"source": "security@zabbix.com", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://support.zabbix.com/browse/ZBX-22002"}], "sourceIdentifier": "security@zabbix.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-16"}], "source": "security@zabbix.com", "type": "Secondary"}]}