USN-6751-1: Zabbix vulnerabilities
25 April 2024
Zabbix could allow reflected cross-site scripting (XSS) attacks.
Releases
Packages
- zabbix - Open-source monitoring software tool for diverse IT components
Details
It was discovered that Zabbix incorrectly handled input data in the
discovery and graphs pages. A remote authenticated attacker could possibly
use this issue to perform reflected cross-site scripting (XSS) attacks.
(CVE-2022-35229, CVE-2022-35230)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04
-
zabbix-agent
-
1:5.0.17+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
zabbix-frontend-php
-
1:5.0.17+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
zabbix-java-gateway
-
1:5.0.17+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
zabbix-proxy-mysql
-
1:5.0.17+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
zabbix-proxy-pgsql
-
1:5.0.17+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
zabbix-proxy-sqlite3
-
1:5.0.17+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
zabbix-server-mysql
-
1:5.0.17+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
zabbix-server-pgsql
-
1:5.0.17+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04
-
zabbix-agent
-
1:4.0.17+dfsg-1ubuntu0.1~esm2
Available with Ubuntu Pro
-
zabbix-frontend-php
-
1:4.0.17+dfsg-1ubuntu0.1~esm2
Available with Ubuntu Pro
-
zabbix-java-gateway
-
1:4.0.17+dfsg-1ubuntu0.1~esm2
Available with Ubuntu Pro
-
zabbix-proxy-mysql
-
1:4.0.17+dfsg-1ubuntu0.1~esm2
Available with Ubuntu Pro
-
zabbix-proxy-pgsql
-
1:4.0.17+dfsg-1ubuntu0.1~esm2
Available with Ubuntu Pro
-
zabbix-proxy-sqlite3
-
1:4.0.17+dfsg-1ubuntu0.1~esm2
Available with Ubuntu Pro
-
zabbix-server-mysql
-
1:4.0.17+dfsg-1ubuntu0.1~esm2
Available with Ubuntu Pro
-
zabbix-server-pgsql
-
1:4.0.17+dfsg-1ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 18.04
-
zabbix-agent
-
1:3.0.12+dfsg-1ubuntu0.1~esm4
Available with Ubuntu Pro
-
zabbix-frontend-php
-
1:3.0.12+dfsg-1ubuntu0.1~esm4
Available with Ubuntu Pro
-
zabbix-java-gateway
-
1:3.0.12+dfsg-1ubuntu0.1~esm4
Available with Ubuntu Pro
-
zabbix-proxy-mysql
-
1:3.0.12+dfsg-1ubuntu0.1~esm4
Available with Ubuntu Pro
-
zabbix-proxy-pgsql
-
1:3.0.12+dfsg-1ubuntu0.1~esm4
Available with Ubuntu Pro
-
zabbix-proxy-sqlite3
-
1:3.0.12+dfsg-1ubuntu0.1~esm4
Available with Ubuntu Pro
-
zabbix-server-mysql
-
1:3.0.12+dfsg-1ubuntu0.1~esm4
Available with Ubuntu Pro
-
zabbix-server-pgsql
-
1:3.0.12+dfsg-1ubuntu0.1~esm4
Available with Ubuntu Pro
Ubuntu 16.04
-
zabbix-agent
-
1:2.4.7+dfsg-2ubuntu2.1+esm4
Available with Ubuntu Pro
-
zabbix-frontend-php
-
1:2.4.7+dfsg-2ubuntu2.1+esm4
Available with Ubuntu Pro
-
zabbix-java-gateway
-
1:2.4.7+dfsg-2ubuntu2.1+esm4
Available with Ubuntu Pro
-
zabbix-proxy-mysql
-
1:2.4.7+dfsg-2ubuntu2.1+esm4
Available with Ubuntu Pro
-
zabbix-proxy-pgsql
-
1:2.4.7+dfsg-2ubuntu2.1+esm4
Available with Ubuntu Pro
-
zabbix-proxy-sqlite3
-
1:2.4.7+dfsg-2ubuntu2.1+esm4
Available with Ubuntu Pro
-
zabbix-server-mysql
-
1:2.4.7+dfsg-2ubuntu2.1+esm4
Available with Ubuntu Pro
-
zabbix-server-pgsql
-
1:2.4.7+dfsg-2ubuntu2.1+esm4
Available with Ubuntu Pro
Ubuntu 14.04
-
zabbix-agent
-
1:2.2.2+dfsg-1ubuntu1+esm5
Available with Ubuntu Pro
-
zabbix-frontend-php
-
1:2.2.2+dfsg-1ubuntu1+esm5
Available with Ubuntu Pro
-
zabbix-java-gateway
-
1:2.2.2+dfsg-1ubuntu1+esm5
Available with Ubuntu Pro
-
zabbix-proxy-mysql
-
1:2.2.2+dfsg-1ubuntu1+esm5
Available with Ubuntu Pro
-
zabbix-proxy-pgsql
-
1:2.2.2+dfsg-1ubuntu1+esm5
Available with Ubuntu Pro
-
zabbix-proxy-sqlite3
-
1:2.2.2+dfsg-1ubuntu1+esm5
Available with Ubuntu Pro
-
zabbix-server-mysql
-
1:2.2.2+dfsg-1ubuntu1+esm5
Available with Ubuntu Pro
-
zabbix-server-pgsql
-
1:2.2.2+dfsg-1ubuntu1+esm5
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.