CVE-2023-29450 - OpenCVE

JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Zabbix	Zabbix

Configuration 1 [-]

OR	cpe:2.3:a:zabbix:zabbix::::::::
	cpe:2.3:a:zabbix:zabbix::::::::
	cpe:2.3:a:zabbix:zabbix::::::::
	cpe:2.3:a:zabbix:zabbix::::::::

No data.

References

Link	Providers
https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html
https://support.zabbix.com/browse/ZBX-22588

History

No history.

MITRE

Status: PUBLISHED

Assigner: Zabbix

Published: 2023-07-13T08:25:27.911Z

Updated: 2024-08-02T14:07:46.421Z

Reserved: 2023-04-06T18:04:44.891Z

Link: CVE-2023-29450

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-07-13T09:15:09.660

Modified: 2023-08-22T19:16:34.983

Link: CVE-2023-29450

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-29450", "assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "state": "PUBLISHED", "assignerShortName": "Zabbix", "dateReserved": "2023-04-06T18:04:44.891Z", "datePublished": "2023-07-13T08:25:27.911Z", "dateUpdated": "2024-08-02T14:07:46.421Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Server", "Proxy"], "product": "Zabbix", "repo": "https://git.zabbix.com/", "vendor": "Zabbix", "versions": [{"changes": [{"at": "5.0.32rc1", "status": "unaffected"}], "lessThanOrEqual": "5.0.31", "status": "affected", "version": "5.0", "versionType": "git"}, {"changes": [{"at": "6.0.14rc1 (6.0.16 is recommended)", "status": "unaffected"}], "lessThanOrEqual": "6.0.13", "status": "affected", "version": "6.0", "versionType": "git"}, {"changes": [{"at": "6.2.8rc1", "status": "unaffected"}], "lessThanOrEqual": "6.2.7", "status": "affected", "version": "6.2", "versionType": "git"}, {"changes": [{"at": "6.4.0rc2", "status": "unaffected"}], "lessThanOrEqual": "6.4.0rc1", "status": "affected", "version": "6.4", "versionType": "git"}]}], "datePublic": "2023-02-23T08:03:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user \"zabbix\") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data."}], "value": "JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user \"zabbix\") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data."}], "impacts": [{"capecId": "CAPEC-410", "descriptions": [{"lang": "en", "value": "CAPEC-410 Information Elicitation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-552", "description": "CWE-552 Files or Directories Accessible to External Parties", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8", "shortName": "Zabbix", "dateUpdated": "2023-07-13T08:25:27.911Z"}, "references": [{"url": "https://support.zabbix.com/browse/ZBX-22588"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Unauthorized limited filesystem access from preprocessing", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:07:46.421Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.zabbix.com/browse/ZBX-22588", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "F04570DF-A096-42C3-B16D-1B134B009F3D", "versionEndIncluding": "5.0.33", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "221530A4-AB8C-434C-BB41-F5A5E98317B4", "versionEndIncluding": "6.0.15", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "9FB7A41B-6B72-4A37-8A30-AA23BADAE942", "versionEndIncluding": "6.4.1", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5B6F1C5-A8C8-4F4B-848C-5585523280E0", "versionEndIncluding": "6.4.4", "versionStartIncluding": "6.4.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user \"zabbix\") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data."}], "id": "CVE-2023-29450", "lastModified": "2023-08-22T19:16:34.983", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 6.0, "source": "security@zabbix.com", "type": "Secondary"}]}, "published": "2023-07-13T09:15:09.660", "references": [{"source": "security@zabbix.com", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"}, {"source": "security@zabbix.com", "tags": ["Vendor Advisory"], "url": "https://support.zabbix.com/browse/ZBX-22588"}], "sourceIdentifier": "security@zabbix.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-552"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-552"}], "source": "security@zabbix.com", "type": "Secondary"}]}