Cyber Resilience

CVE-2022-23132

Severity: Low · Class: LPE

Published: 13 January 2022
Modified: 03 November 2025
KEV Added: not listed
Patch:
CVSS Score (v3.1): 3.3 (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N)
EPSS Score: 0.0014 (34.1st percentile)
Risk Priority: 7 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-23132 is a low-severity Improper Access Control (CWE-284) vulnerability in Zabbix. Its CVSS v3.1 base score is 3.3 (Low).

Operationally, EPSS ranks it at the 34.1st percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

When Zabbix is installed from RPM, the SELinux policy grants the DAC_OVERRIDE capability so that Zabbix processes can access PID files in the /var/run/zabbix directory. Because DAC_OVERRIDE is not limited to that directory, Zabbix Proxy or Server processes can bypass file read, write and execute permission checks at the file-system level.

CWE(s)

CWE-284 (Improper Access Control) · CWE-732 (Incorrect Permission Assignment for Critical Resource)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

zabbix / zabbix: 6.0.0; 4.0.0 to 4.0.36; 5.0.0 to 5.0.18; 5.4.0 to 5.4.8
fedoraproject / fedora: 34, 35

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

- The access control policy and procedures directly mandate and enforce proper access control mechanisms across the organization. (addresses: CWE-284, CWE-732)

- Associating and retaining security attributes with data directly supports enforcement of access control decisions across storage, processing, and transmission. (addresses: CWE-284, CWE-732)

- Least-privilege assignment prevents overly permissive grants on critical resources by limiting privileges to what the task needs. (addresses: CWE-732, CWE-284)

- The awareness and training policy mandates training on access control practices, directly reducing the likelihood of improper access control weaknesses being introduced or exploited. (addresses: CWE-284, CWE-732)

- Security training teaches access control policies and their enforcement, reducing improper access control implementations. (addresses: CWE-284, CWE-732)

- The control directly enforces access controls to prevent unauthorized access, modification, or deletion of audit information and tools. (addresses: CWE-284, CWE-732)

- Control assessments verify that access controls are implemented correctly and operating as intended, detecting improper access control before exploitation. (addresses: CWE-284, CWE-732)

- Certification requires an independent assessment confirming that access controls are implemented correctly and are effective. (addresses: CWE-284, CWE-732)

References