| Max CVSS | 8.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-2332 | 5.5 |
Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOTE: this can be exploited by remote attackers by lev
|
01-09-2015 - 17:27 | 31-08-2015 - 18:59 | |
| CVE-2014-2331 | 8.5 |
Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.
|
01-09-2015 - 17:26 | 31-08-2015 - 18:59 | |
| CVE-2014-2330 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or p
|
01-09-2015 - 15:17 | 31-08-2015 - 18:59 | |
| CVE-2014-2329 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allow remote authenticated users to inject arbitrary web script or HTML via the (1) agent string for a check_mk agent, a (2) crafted request to a
|
01-09-2015 - 14:55 | 31-08-2015 - 18:59 |