Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-20383

Possible remote code execution in Zabbix Java Gateway with logback 1.2.7 and prior versions (no CVE registered)

XMLWordPrintable

    • Sprint 83 (Dec 2021), Sprint 84 (Jan 2022), Sprint 85 (Feb 2022), Sprint 86 (Mar 2022), Sprint 87 (Apr 2022), Sprint 88 (May 2022), Sprint 89 (Jun 2022)
    • 0.5

      CVE number no CVE registered
      CVSS score -
      Severity Medium
      Affected versions 2.0-2.X
      3.0-3.X
      4.0.0 - 4.0.36
      5.0.18
      5.4.0 -5.4.8
      6.0.0alpha1-6.0.0beta1
      Description In Zabbix Java Gateway with logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.
      Known attack vectors A successful RCE attack with CVE-2021-42550 requires all of the following conditions to be met: write access to zabbix_java_gateway_logback.xml; use of logback versions < 1.2.9; reloading of poisoned configuration data, which implies application restart or scan="true" set prior to the attack. An attacker with such privileges may get remote access to the server with Zabbix Java Gateway
      Resolution To remediate CVE-2021-42550 apply the updates listed in the 'Fixed Version' section to appropriate products or if an immediate update is not possible, follow the presented below workarounds.
      As an additional measure for the fixed versions, we also recommend checking permission to /etc/zabbix/zabbix_java_gateway_logback.xml file and set it read-only, if write permissions are available for “zabbix” user. 
      Workarounds If an immediate update is not possible, check permissions for “zabbix” user:
      • /etc/zabbix/zabbix_java_gateway_logback.xml file permissions are set to read-only only;
      • the user cannot restart Zabbix Java Gateway service.

            vso Vladislavs Sokurenko
            vso Vladislavs Sokurenko
            Team A
            Votes:
            0 Vote for this issue
            Watchers:
            12 Start watching this issue

              Created:
              Updated:
              Resolved: