Headline
CVE-2022-23132: [ZBX-20341] Incorrect permissions of [/var/run/zabbix] forces dac_override (CVE-2022-23132)
CVE number
CVE-2022-23132
CVSS score
3.3
Severity
Low
Description
During Zabbix installation from RPM, the DAC_OVERRIDE SELinux capability is used to access PID files in the [/var/run/zabbix] directory. As a result, Zabbix Proxy or Server processes can bypass file read, write and execute permission checks at the file system level.
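As an added defender-side check, not part of the advisory or of Zabbix's own tooling: a bash script that reports whether the PID directory is owned by the service user with owner rwx (so PID files can be created and removed with plain DAC permissions) and whether a running zabbix_server or zabbix_proxy still has CAP_DAC_OVERRIDE in its effective capability set. The service user name "zabbix", the daemon process names and the default directory /var/run/zabbix are assumptions taken as arguments.

```shell
#!/bin/bash
# Added host check (not Zabbix code): does a Zabbix daemon manage its PID
# directory with plain DAC permissions, or is it relying on CAP_DAC_OVERRIDE?
# Assumed defaults: service user "zabbix", PID directory /var/run/zabbix.
CAP_DAC_OVERRIDE_BIT=1   # CAP_DAC_OVERRIDE is Linux capability number 1

# has_dac_override <hex CapEff mask as printed in /proc/<pid>/status>
# Returns 0 (true) if CAP_DAC_OVERRIDE is in the effective set.
has_dac_override() {
    local mask=$(( 16#$1 ))
    (( (mask >> CAP_DAC_OVERRIDE_BIT) & 1 ))
}

# dir_needs_override <dir> <user>
# Prints "ok" when <user> owns <dir> and the owner bits are rwx, i.e. the
# daemon can create and unlink its PID file without any capability.
# Prints "needs-override" otherwise: then the daemon can only use the
# directory via CAP_DAC_OVERRIDE, which also bypasses DAC checks elsewhere.
dir_needs_override() {
    local dir=$1 user=$2 owner mode
    owner=$(stat -c '%U' "$dir") || return 2
    mode=$(stat -c '%a' "$dir") || return 2
    if [ "$owner" = "$user" ] && [ $(( (8#$mode >> 6) & 7 )) -eq 7 ]; then
        echo ok
    else
        echo needs-override
    fi
}

# Inspect any running zabbix_server / zabbix_proxy plus the PID directory.
check_running() {
    local piddir=${1:-/var/run/zabbix} user=${2:-zabbix} name pid cap
    command -v pgrep >/dev/null || return 0
    for name in zabbix_server zabbix_proxy; do
        for pid in $(pgrep -x "$name"); do
            cap=$(awk '/^CapEff:/ {print $2}' "/proc/$pid/status")
            if has_dac_override "$cap"; then
                echo "$name[$pid]: CAP_DAC_OVERRIDE is effective"
            else
                echo "$name[$pid]: CAP_DAC_OVERRIDE not in effective set"
            fi
        done
    done
    [ -d "$piddir" ] && echo "$piddir: $(dir_needs_override "$piddir" "$user")"
    return 0
}

check_running "$@"
```

Run it as root on the host after updating; a fixed layout should report "ok" for the PID directory, and the daemons should not need the capability to start.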
Known attack vectors
-
Resolution
To remediate this vulnerability, apply the updates listed in the ‘Fixed Version’ section to the appropriate products.
Acknowledgements
Zabbix wants to thank Brian J. Murrell for reporting this issue to us.
Affected versions
4.0.0 – 4.0.36
5.0.0 – 5.0.18
5.4.0 – 5.4.8
6.0.0alpha1 – 6.0.0alpha7
Workarounds
-