Zabbix SAML Authentication Bypass (CVE-2022-23131)
Research:
https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage
PoC:
https://github.com/jweny/zabbix-saml-bypass-exp
#zabbix #research #auth #bypass #cve
Research:
https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage
PoC:
https://github.com/jweny/zabbix-saml-bypass-exp
#zabbix #research #auth #bypass #cve
Sonarsource
Zabbix - A Case Study of Unsafe Session Storage
In this article we discuss the security of client-side session storages and analyze a vulnerable implementation in the IT monitoring solution Zabbix.