VYPR
Unrated severityNVD Advisory· Published Jan 13, 2022· Updated Nov 3, 2025

Incorrect permissions of [/var/run/zabbix] forces dac_override

CVE-2022-23132

Description

During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zabbix/Zabbixllm-fuzzy
  • Zabbix/Proxy, Serverv5
    Range: 4.0.0 - 4.0.36

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.