After the initial setup process, some steps of setup.php...
Moderate severity
Unreviewed
Published
Feb 9, 2022
to the GitHub Advisory Database
•
Updated Jul 24, 2024
Description
Published by the National Vulnerability Database
Jan 13, 2022
Published to the GitHub Advisory Database
Feb 9, 2022
Last updated
Jul 24, 2024
After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
References