| Max CVSS | 9.3 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-5338 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in the multisite component in Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors to the (1) render_statu
|
09-10-2018 - 19:50 | 22-08-2014 - 14:55 | |
| CVE-2014-5340 | 9.3 |
The wato component in Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to an automation URL.
|
09-10-2018 - 19:50 | 02-09-2014 - 14:55 | |
| CVE-2014-5339 | 4.9 |
Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allows remote authenticated users to write check_mk config files (.mk files) to arbitrary locations via vectors related to row selections.
|
09-10-2018 - 19:50 | 02-09-2014 - 14:55 |