Lucene search
ZabbixCVELIST:CVE-2022-43516HistoryNov 30, 2022 - 12:00 a.m.
CVE-2022-43516 Zabbix Agent installer adds “allow all TCP any any” firewall rule
2022-11-3000:00:00
CWE-16
Zabbix
www.cve.org
1
zabbix
agent
installer
firewall rule
tcp
windows
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
9.7 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.2%
A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)
CNA Affected
[
{
"vendor": "Zabbix",
"product": "Zabbix agent (MSI packages)",
"versions": [
{
"version": "Oct. 29, 2022 - Dec 2, 2022",
"status": "affected"
},
{
"version": "Dec 3, 2022",
"status": "unaffected",
"lessThan": "unspecified",
"versionType": "custom"
}
]
},
{
"vendor": "Zabbix",
"product": "Zabbix agent 2 (MSI packages)",
"versions": [
{
"version": "Oct. 29, 2022 - Dec 2, 2022",
"status": "affected"
},
{
"version": "Dec 3, 2022",
"status": "unaffected",
"lessThan": "unspecified",
"versionType": "custom"
}
]
}
]References
Related
alpinelinux
alpinelinux
CVE-2022-43516
2022-12-05 20:15:00
prion
prion
Design/Logic Flaw
2022-12-05 20:15:00
cve
cve
CVE-2022-43516
2022-12-05 20:15:10
osv
osv
CVE-2022-43516
2022-12-05 20:15:10
ubuntucve
ubuntucve
CVE-2022-43516
2022-12-05 00:00:00
nvd
nvd
CVE-2022-43516
2022-12-05 20:15:10
debiancve
debiancve
CVE-2022-43516
2022-12-05 20:15:10
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
9.7 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.2%
Related for CVELIST:CVE-2022-43516