Zabbix · Zabbix · CVE-2022-23132
**Name of the Vulnerable Software and Affected Versions**
Zabbix (affected versions not specified)
**Description**
The issue is related to incorrect permission assignment for a critical resource in Zabbix. Exploitation of this issue may allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. During Zabbix installation from RPM, the DAC OVERRIDE SELinux capability is used to access PID files in the /var/run/zabbix folder, allowing Zabbix Proxy or Server processes to bypass file read, write, and execute permissions checks on the file system level.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.