This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Critical Auth Bypass in Zabbix. π **Consequences**: Attackers bypass login, access dashboards anonymously, and create unauthorized elements (Reports/Maps) visible to admins.
Q2Root Cause? (CWE/Flaw)
π‘οΈ **Root Cause**: Missing or weak authentication measures. π **Flaw**: The `dashboard.view` action lacks proper identity verification for `dashboardid=1`.
Q3Who is affected? (Versions/Components)
π¦ **Affected**: Zabbix SIA Zabbix. π **Versions**: 4.4 and earlier. β οΈ **Component**: `zabbix.php`.
Q4What can hackers do? (Privileges/Data)
π΅οΈ **Privileges**: Anonymous access. π **Actions**: Create Dashboards, Reports, Screens, Maps. ποΈ **Impact**: Created items are visible to other users and admins.
π₯ **Exploit**: YES. π **PoC**: Available on GitHub (K3ysTr0K3R) and Nuclei templates. π **Wild Exploitation**: High risk due to ease of use.
Q7How to self-check? (Features/Scanning)
π **Check**: Scan for `zabbix.php?action=dashboard.view&dashboardid=1`. π‘ **Tools**: Use Nuclei templates or manual HTTP requests. π **Feature**: Look for anonymous dashboard access.
Q8Is it fixed officially? (Patch/Mitigation)
π οΈ **Fix**: YES. π’ **Update**: Upgrade Zabbix to a version > 4.4. π **Reference**: Debian LTS security update (DLA 3538-1) confirms patch availability.
Q9What if no patch? (Workaround)
π§ **Workaround**: Block access to `zabbix.php` via WAF/ACL. π **Mitigation**: Restrict `dashboardid=1` access. π« **Action**: Disable anonymous dashboard viewing if possible.
Q10Is it urgent? (Priority Suggestion)
π΄ **Priority**: CRITICAL. π **Urgency**: HIGH. β‘ **Reason**: Easy exploitation, no auth required, direct impact on system integrity and data visibility.