CVE-2022-43515 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-43515 Interim 1 9 2025-11-05T01:26:31Z current 2022-12-07T00:39:34Z 2025-11-05T01:26:31Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-43515 Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2022-December/013237.html E-Mail link for SUSE-SU-2022:4477-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS-TERADATA SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 zabbix zabbix-agent-4.0.12-4.21.1 zabbix-agent-4.0.12-4.21.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL zabbix-agent-4.0.12-4.21.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS-TERADATA zabbix-agent-4.0.12-4.21.1 as a component of SUSE Linux Enterprise Server 12 SP3-TERADATA zabbix-agent-4.0.12-4.21.1 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS zabbix-agent-4.0.12-4.21.1 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS zabbix-agent-4.0.12-4.21.1 as a component of SUSE Linux Enterprise Server 12 SP5 zabbix-agent-4.0.12-4.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 zabbix-agent-4.0.12-4.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 zabbix-agent-4.0.12-4.21.1 as a component of SUSE OpenStack Cloud 9 zabbix-agent-4.0.12-4.21.1 as a component of SUSE OpenStack Cloud Crowbar 9 zabbix as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range. CVE-2022-43515 SUSE Linux Enterprise Server 12 SP3-BCL:zabbix-agent-4.0.12-4.21.1 SUSE Linux Enterprise Server 12 SP3-LTSS-TERADATA:zabbix-agent-4.0.12-4.21.1 SUSE Linux Enterprise Server 12 SP3-TERADATA:zabbix-agent-4.0.12-4.21.1 SUSE Linux Enterprise Server 12 SP4-ESPOS:zabbix-agent-4.0.12-4.21.1 SUSE Linux Enterprise Server 12 SP4-LTSS:zabbix-agent-4.0.12-4.21.1 SUSE Linux Enterprise Server 12 SP5:zabbix-agent-4.0.12-4.21.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:zabbix-agent-4.0.12-4.21.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:zabbix-agent-4.0.12-4.21.1 SUSE OpenStack Cloud 9:zabbix-agent-4.0.12-4.21.1 SUSE OpenStack Cloud Crowbar 9:zabbix-agent-4.0.12-4.21.1 moderate 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N