CVE-2022-46768

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-46768

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-46768.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-46768

Downstream

DEBIAN-CVE-2022-46768

Published

2022-12-15T07:15:09.733Z

Modified

2026-03-13T06:47:00.660462Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files.

References

https://support.zabbix.com/browse/ZBX-22087

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-46768.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "6.0.0"
            },
            {
                "last_affected": "6.0.11"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "6.2.0"
            },
            {
                "last_affected": "6.2.5"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "6.0.12"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "6.2.0"
            },
            {
                "fixed": "6.2.6"
            }
        ]
    }
]