CVE-2022-23134: 
Zabbix Server vulnerability analysis and mitigation

CVE-2022-23134 is a security vulnerability discovered in the Zabbix Frontend that affects versions 5.4.0 through 5.4.8 and 6.0.0 through 6.0.0beta1. The vulnerability was discovered in December 2021 and publicly disclosed in January 2022. The issue allows unauthenticated users to access setup.php file steps that should only be accessible to super-administrators, potentially enabling configuration changes to the Zabbix Frontend (Zabbix Issue, NVD).

The vulnerability stems from improper access control in the setup.php file of the Zabbix Frontend. After the initial setup process, certain steps remain accessible to unauthenticated users instead of being restricted to super-administrators only. The vulnerability has been assigned a CVSS v3.1 base score of 5.3 (MEDIUM) by NIST and 3.7 (LOW) by Zabbix, with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N. The vulnerability is classified under CWE-287 (Improper Authentication) and CWE-284 (Improper Access Control) (NVD).

If exploited, an attacker could bypass step checks and potentially modify the configuration of the Zabbix Frontend. This could lead to unauthorized changes to the system's monitoring setup and potentially affect the security and functionality of the Zabbix deployment (Zabbix Issue, SonarSource).

The vulnerability has been patched in Zabbix versions 6.0.0beta2, 5.4.9, 5.0.19, and 4.0.37. If immediate updates are not possible, the recommended workaround is to remove the setup.php file from the system. Organizations using affected versions should upgrade to the patched versions as soon as possible (Zabbix Issue, Fedora Release).