Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
25 vulnerabilities
CVE-2023-31209 (GCVE-0-2023-31209)
Vulnerability from cvelistv5 – Published: 2023-08-10 08:14 – Updated: 2024-08-28 20:24
VLAI
Title
Command injection via active checks and REST API
Summary
Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/15194 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Checkmk GmbH | Checkmk |
Affected:
2.2.0 , < 2.2.0p4
(semver)
Affected: 2.1.0 , < 2.1.0p32 (semver) Affected: 2.0.0 , < 2.0.0p38 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:53:30.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/15194"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T20:23:39.698795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T20:24:16.728Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.2.0p4",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThan": "2.1.0p32",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThan": "2.0.0p38",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of active check command arguments in Checkmk \u003c 2.1.0p32, \u003c 2.0.0p38, \u003c 2.2.0p4 leads to arbitrary command execution for authenticated users."
}
],
"impacts": [
{
"capecId": "CAPEC-6",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-6: Argument Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T09:47:02.416Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Checkmk"
},
"references": [
{
"url": "https://checkmk.com/werk/15194"
}
],
"title": "Command injection via active checks and REST API"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-31209",
"datePublished": "2023-08-10T08:14:12.067Z",
"dateReserved": "2023-04-25T08:49:15.443Z",
"dateUpdated": "2024-08-28T20:24:16.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23548 (GCVE-0-2023-23548)
Vulnerability from cvelistv5 – Published: 2023-08-01 09:42 – Updated: 2024-09-27 21:58
VLAI
Title
XSS in business intelligence
Summary
Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38, <=1.6.0p30.
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/15691 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Checkmk GmbH | Checkmk |
Affected:
2.2.0 , < 2.2.0p8
(semver)
Affected: 2.1.0 , < 2.1.0p32 (semver) Affected: 2.0.0 , < 2.0.0p38 (semver) Affected: 1.6.0 , ≤ 1.6.0p30 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:35:33.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/15691"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23548",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T21:50:12.357186Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T21:58:16.665Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.2.0p8",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThan": "2.1.0p32",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThan": "2.0.0p38",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Reflected XSS in business intelligence in Checkmk \u003c2.2.0p8, \u003c2.1.0p32, \u003c2.0.0p38, \u003c=1.6.0p30."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591: Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-01T09:42:58.428Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/15691"
}
],
"title": "XSS in business intelligence"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-23548",
"datePublished": "2023-08-01T09:42:58.428Z",
"dateReserved": "2023-01-18T15:32:06.498Z",
"dateUpdated": "2024-09-27T21:58:16.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22359 (GCVE-0-2023-22359)
Vulnerability from cvelistv5 – Published: 2023-06-26 06:51 – Updated: 2024-08-28 20:25
VLAI
Title
User-enumeration in RestAPI
Summary
User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/15890 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/15890"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22359",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T20:25:16.139712Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T20:25:29.123Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.2.0p4",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "User enumeration in Checkmk \u003c=2.2.0p4 allows an authenticated attacker to enumerate usernames."
}
],
"impacts": [
{
"capecId": "CAPEC-575",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-575: Account Footprinting"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203: Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T09:46:00.200Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Checkmk"
},
"references": [
{
"url": "https://checkmk.com/werk/15890"
}
],
"title": "User-enumeration in RestAPI"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-22359",
"datePublished": "2023-06-26T06:51:24.193Z",
"dateReserved": "2023-01-18T15:32:06.543Z",
"dateUpdated": "2024-08-28T20:25:29.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22348 (GCVE-0-2023-22348)
Vulnerability from cvelistv5 – Published: 2023-05-17 15:51 – Updated: 2025-01-22 16:47
VLAI
Title
Reading host_configs does not honour contact groups
Summary
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-285 - Improper Authorization
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/13982 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Checkmk GmbH | Checkmk |
Affected:
2.2.0 , < 2.2.0b8
(semver)
Affected: 2.1.0 , < 2.1.0p28 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/13982"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22348",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T16:47:28.652373Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T16:47:31.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.2.0b8",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThan": "2.1.0p28",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization in RestAPI in Checkmk GmbH\u0027s Checkmk versions \u003c2.1.0p28 and \u003c2.2.0b8 allows remote authenticated users to read arbitrary host_configs."
}
],
"impacts": [
{
"capecId": "CAPEC-54",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-54: Query System for Information"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-17T15:51:54.376Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/13982"
}
],
"title": "Reading host_configs does not honour contact groups"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-22348",
"datePublished": "2023-05-17T15:51:54.376Z",
"dateReserved": "2023-01-18T15:32:06.534Z",
"dateUpdated": "2025-01-22T16:47:31.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-31208 (GCVE-0-2023-31208)
Vulnerability from cvelistv5 – Published: 2023-05-17 08:24 – Updated: 2025-01-21 21:07
VLAI
Title
Livestatus command injection in RestAPI
Summary
Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, < 2.1.0p28, and < 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized users.
Severity
8.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-140 - Improper Neutralization of Delimiters
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/15191 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Checkmk GmbH | Checkmk |
Affected:
2.2.0 , < 2.2.0b8
(semver)
Affected: 2.1.0 , < 2.1.0p28 (semver) Affected: 2.0.0 , < 2.0.0p36 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:26.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/15191"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31208",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T21:07:40.332832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T21:07:58.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.2.0b8",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThan": "2.1.0p28",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThan": "2.0.0p36",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk \u003c 2.0.0p36, \u003c 2.1.0p28, and \u003c 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized users."
}
],
"impacts": [
{
"capecId": "CAPEC-15",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-15: Command Delimiters"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-140",
"description": "CWE-140: Improper Neutralization of Delimiters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-17T08:24:59.173Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/15191"
}
],
"title": "Livestatus command injection in RestAPI"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-31208",
"datePublished": "2023-05-17T08:24:59.173Z",
"dateReserved": "2023-04-25T08:49:15.442Z",
"dateUpdated": "2025-01-21T21:07:58.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22318 (GCVE-0-2023-22318)
Vulnerability from cvelistv5 – Published: 2023-05-15 08:34 – Updated: 2025-01-23 19:19
VLAI
Title
Denial of service against webconf
Summary
Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-412 - Unrestricted Externally Accessible Lock
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/9526 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tribe29 | Checkmk Appliance |
Affected:
0 , < 1.6.5
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/9526"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22318",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T19:18:05.392756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T19:19:35.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk Appliance",
"vendor": "Tribe29",
"versions": [
{
"lessThan": "1.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5."
}
],
"impacts": [
{
"capecId": "CAPEC-469",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-469: HTTP DoS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-412",
"description": "CWE-412: Unrestricted Externally Accessible Lock",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T08:34:43.641Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/9526"
}
],
"title": "Denial of service against webconf"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-22318",
"datePublished": "2023-05-15T08:34:43.641Z",
"dateReserved": "2023-01-18T15:32:06.483Z",
"dateUpdated": "2025-01-23T19:19:35.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-31207 (GCVE-0-2023-31207)
Vulnerability from cvelistv5 – Published: 2023-05-02 08:52 – Updated: 2025-01-30 14:18
VLAI
Title
Automation user secret logged to Apache access log
Summary
Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log.
Severity
4.4 (Medium)
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/15189 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:26.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/15189"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-31207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T14:17:49.278719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T14:18:33.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.2.0b6",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p26",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.0p35",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Transmission of credentials within query parameters in Checkmk \u003c= 2.1.0p26, \u003c= 2.0.0p35, and \u003c= 2.2.0b6 (beta) may cause the automation user\u0027s secret to be written to the site Apache access log."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37: Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-02T08:52:31.629Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/15189"
}
],
"title": "Automation user secret logged to Apache access log"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-31207",
"datePublished": "2023-05-02T08:52:31.629Z",
"dateReserved": "2023-04-25T08:49:15.442Z",
"dateUpdated": "2025-01-30T14:18:33.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46302 (GCVE-0-2022-46302)
Vulnerability from cvelistv5 – Published: 2023-04-20 13:06 – Updated: 2025-02-04 21:43
VLAI
Title
Remote Code Execution with Root Privileges via Broad Apache Permissions
Summary
Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk <= 2.1.0p6, Checkmk <= 2.0.0p27, and all versions of Checkmk 1.6.0 (EOL) allowing an attacker to perform remote code execution with root privileges on the underlying host.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/14281 |
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:46.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/14281"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46302",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T21:43:15.215927Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T21:43:19.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p27",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p6",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Jan-Philipp Litza (PLUTEX GmbH)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29\u0027s Checkmk \u003c= 2.1.0p6, Checkmk \u003c= 2.0.0p27, and all versions of Checkmk 1.6.0 (EOL) allowing an attacker to perform remote code execution with root privileges on the underlying host."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-829",
"description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T13:06:30.238Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/14281"
}
],
"title": "Remote Code Execution with Root Privileges via Broad Apache Permissions"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-46302",
"datePublished": "2023-04-20T13:06:30.238Z",
"dateReserved": "2023-01-18T15:49:58.114Z",
"dateUpdated": "2025-02-04T21:43:19.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22309 (GCVE-0-2023-22309)
Vulnerability from cvelistv5 – Published: 2023-04-20 13:05 – Updated: 2025-02-04 21:43
VLAI
Title
Reflected Cross Site Scripting (XSS)
Summary
Reflective Cross-Site-Scripting in Webconf in Tribe29 Checkmk Appliance before 1.6.4.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/9523 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tribe29 | Checkmk Appliance |
Affected:
0 , < 1.6.4
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/9523"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22309",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T21:43:34.690088Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T21:43:45.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk Appliance",
"vendor": "Tribe29",
"versions": [
{
"lessThan": "1.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Reflective Cross-Site-Scripting in Webconf in Tribe29 Checkmk Appliance before 1.6.4."
}
],
"impacts": [
{
"capecId": "CAPEC-32",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-32: XSS Through HTTP Query Strings"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T13:05:27.510Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/9523"
}
],
"title": "Reflected Cross Site Scripting (XSS)"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-22309",
"datePublished": "2023-04-20T13:05:27.510Z",
"dateReserved": "2023-01-18T15:32:06.467Z",
"dateUpdated": "2025-02-04T21:43:45.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22294 (GCVE-0-2023-22294)
Vulnerability from cvelistv5 – Published: 2023-04-18 18:59 – Updated: 2025-02-05 21:22
VLAI
Title
Privilege escalation in Checkmk Appliance
Summary
Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/9520 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tribe29 | Checkmk Appliance |
Affected:
0 , < 1.6.4
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/9520"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22294",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T21:22:12.909789Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T21:22:34.383Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk Appliance",
"vendor": "Tribe29",
"versions": [
{
"lessThan": "1.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T18:59:33.380Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/9520"
}
],
"title": "Privilege escalation in Checkmk Appliance"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-22294",
"datePublished": "2023-04-18T18:59:33.380Z",
"dateReserved": "2023-01-18T15:32:06.452Z",
"dateUpdated": "2025-02-05T21:22:34.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22307 (GCVE-0-2023-22307)
Vulnerability from cvelistv5 – Published: 2023-04-18 18:57 – Updated: 2025-02-05 21:21
VLAI
Title
Site-Passwords in GET parameters
Summary
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/9522 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tribe29 | Checkmk Appliance |
Affected:
0 , < 1.6.4
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:05.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/9522"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22307",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T21:20:52.188590Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T21:21:07.125Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk Appliance",
"vendor": "Tribe29",
"versions": [
{
"lessThan": "1.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-598",
"description": "CWE-598: Use of GET Request Method With Sensitive Query Strings",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T18:57:53.574Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/9522"
}
],
"title": "Site-Passwords in GET parameters"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-22307",
"datePublished": "2023-04-18T18:57:53.574Z",
"dateReserved": "2023-01-18T15:32:06.435Z",
"dateUpdated": "2025-02-05T21:21:07.125Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2020 (GCVE-0-2023-2020)
Vulnerability from cvelistv5 – Published: 2023-04-18 11:09 – Updated: 2025-02-05 15:48
VLAI
Title
Unauthorized scheduling of downtimes via REST API
Summary
Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-280 - Improper Handling of Insufficient Permissions or Privileges
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/13981 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:19.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/13981"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T15:48:04.310630Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:48:19.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.2.0b4",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p27",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient permission checks in the REST API in Tribe29 Checkmk \u003c= 2.1.0p27 and \u003c= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122: Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-280",
"description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T11:09:09.107Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/13981"
}
],
"title": "Unauthorized scheduling of downtimes via REST API"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-2020",
"datePublished": "2023-04-18T11:09:09.107Z",
"dateReserved": "2023-04-13T08:38:39.338Z",
"dateUpdated": "2025-02-05T15:48:19.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1768 (GCVE-0-2023-1768)
Vulnerability from cvelistv5 – Published: 2023-04-04 06:30 – Updated: 2025-02-11 17:07
VLAI
Title
Symmetric agent data encryption fails silently
Summary
Inappropriate error handling in Tribe29 Checkmk <= 2.1.0p25, <= 2.0.0p34, <= 2.2.0b3 (beta), and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and transmit the data in plaintext in certain configurations.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-446 - UI Discrepancy for Security Feature
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/15423 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:57:25.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/15423"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T17:06:06.855905Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T17:07:22.757Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.2.0b3",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p25",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.0p34",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Inappropriate error handling in Tribe29 Checkmk \u003c= 2.1.0p25, \u003c= 2.0.0p34, \u003c= 2.2.0b3 (beta), and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and transmit the data in plaintext in certain configurations."
}
],
"impacts": [
{
"capecId": "CAPEC-651",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-651: Eavesdropping"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-446",
"description": "CWE-446: UI Discrepancy for Security Feature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-04T06:30:29.538Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/15423"
}
],
"title": "Symmetric agent data encryption fails silently"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-1768",
"datePublished": "2023-04-04T06:30:29.538Z",
"dateReserved": "2023-03-31T08:10:02.118Z",
"dateUpdated": "2025-02-11T17:07:22.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22288 (GCVE-0-2023-22288)
Vulnerability from cvelistv5 – Published: 2023-03-20 15:33 – Updated: 2025-02-26 19:09
VLAI
Title
Email HTML Injection
Summary
HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emails
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-138 - Improper Neutralization of Special Elements
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/15069 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:05.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/15069"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T19:08:54.536741Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T19:09:03.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p34",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p23",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HTML Email Injection in Tribe29 Checkmk \u003c=2.1.0p23; \u003c=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emails"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242: Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-138",
"description": "CWE-138: Improper Neutralization of Special Elements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-20T15:33:59.877Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/15069"
}
],
"title": "Email HTML Injection"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-22288",
"datePublished": "2023-03-20T15:33:59.877Z",
"dateReserved": "2023-01-18T15:32:06.397Z",
"dateUpdated": "2025-02-26T19:09:03.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48320 (GCVE-0-2022-48320)
Vulnerability from cvelistv5 – Published: 2023-02-20 16:56 – Updated: 2025-03-12 18:10
VLAI
Title
CSRF in add-visual endpoint
Summary
Cross-site Request Forgery (CSRF) in Tribe29's Checkmk <= 2.1.0p17, Checkmk <= 2.0.0p31, and all versions of Checkmk 1.6.0 (EOL) allow an attacker to add new visual elements to multiple pages.
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/14924 |
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.719Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/14924"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48320",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T18:09:56.865240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T18:10:01.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p31",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p17",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Jan H\u00f6rsch (SSE \u2013 Secure Systems Engineering GmbH)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Request Forgery (CSRF) in Tribe29\u0027s Checkmk \u003c= 2.1.0p17, Checkmk \u003c= 2.0.0p31, and all versions of Checkmk 1.6.0 (EOL) allow an attacker to add new visual elements to multiple pages."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T12:57:20.486Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Checkmk"
},
"references": [
{
"url": "https://checkmk.com/werk/14924"
}
],
"title": "CSRF in add-visual endpoint"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-48320",
"datePublished": "2023-02-20T16:56:40.889Z",
"dateReserved": "2023-02-08T08:46:54.800Z",
"dateUpdated": "2025-03-12T18:10:01.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48319 (GCVE-0-2022-48319)
Vulnerability from cvelistv5 – Published: 2023-02-20 16:56 – Updated: 2025-03-12 14:00
VLAI
Title
Host secret disclosed in Checkmk logs
Summary
Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk <= 2.1.0p13, Checkmk <= 2.0.0p29, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to gain access to the host secret through the unprotected agent updater log file.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/14916 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/14916"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48319",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T14:00:22.741456Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T14:00:50.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p29",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p13",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29\u0027s Checkmk \u003c= 2.1.0p13, Checkmk \u003c= 2.0.0p29, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to gain access to the host secret through the unprotected agent updater log file."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-20T16:56:18.397Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/14916"
}
],
"title": "Host secret disclosed in Checkmk logs"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-48319",
"datePublished": "2023-02-20T16:56:18.397Z",
"dateReserved": "2023-02-08T08:46:54.799Z",
"dateUpdated": "2025-03-12T14:00:50.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48318 (GCVE-0-2022-48318)
Vulnerability from cvelistv5 – Published: 2023-02-20 16:55 – Updated: 2025-03-12 18:12
VLAI
Title
Insecure access control mechanisms for RestAPI documentation
Summary
No authorisation controls in the RestAPI documentation for Tribe29's Checkmk <= 2.1.0p13 and Checkmk <= 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/14509 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/14509"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48318",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T18:10:45.661098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T18:12:07.460Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p29",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p13",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "No authorisation controls in the RestAPI documentation for Tribe29\u0027s Checkmk \u003c= 2.1.0p13 and Checkmk \u003c= 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-20T16:55:53.162Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/14509"
}
],
"title": "Insecure access control mechanisms for RestAPI documentation"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-48318",
"datePublished": "2023-02-20T16:55:53.162Z",
"dateReserved": "2023-02-08T08:46:54.799Z",
"dateUpdated": "2025-03-12T18:12:07.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48317 (GCVE-0-2022-48317)
Vulnerability from cvelistv5 – Published: 2023-02-20 16:55 – Updated: 2025-03-12 18:12
VLAI
Title
Insecure Termination of RestAPI Session Tokens
Summary
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10 and Checkmk <= 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/14485 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/14485"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48317",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T18:12:35.724507Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T18:12:47.322Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p28",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p10",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Expired sessions were not securely terminated in the RestAPI for Tribe29\u0027s Checkmk \u003c= 2.1.0p10 and Checkmk \u003c= 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-20T16:55:28.000Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/14485"
}
],
"title": "Insecure Termination of RestAPI Session Tokens"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-48317",
"datePublished": "2023-02-20T16:55:28.000Z",
"dateReserved": "2023-02-08T08:46:54.799Z",
"dateUpdated": "2025-03-12T18:12:47.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48321 (GCVE-0-2022-48321)
Vulnerability from cvelistv5 – Published: 2023-02-20 16:54 – Updated: 2024-08-03 15:10
VLAI
Title
SSRF in agent-receiver API
Summary
Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API.
Severity
6.8 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
2 references
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/14385"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sonarsource.com/blog/checkmk-rce-chain-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.1.0p11",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Stefan Schiller (SonarSource)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29\u0027s Checkmk \u003c= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-664 Server Side Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T12:48:50.741Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Checkmk"
},
"references": [
{
"url": "https://checkmk.com/werk/14385"
},
{
"url": "https://www.sonarsource.com/blog/checkmk-rce-chain-1/"
}
],
"title": "SSRF in agent-receiver API"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-48321",
"datePublished": "2023-02-20T16:54:44.369Z",
"dateReserved": "2023-02-08T08:46:54.800Z",
"dateUpdated": "2024-08-03T15:10:59.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-47909 (GCVE-0-2022-47909)
Vulnerability from cvelistv5 – Published: 2023-02-20 16:53 – Updated: 2024-08-03 15:02
VLAI
Title
LQL Injection in Livestatus HTTP headers
Summary
Livestatus Query Language (LQL) injection in the AuthUser HTTP query header of Tribe29's Checkmk <= 2.1.0p11, Checkmk <= 2.0.0p28, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to perform direct queries to the application's core from localhost.
Severity
6.8 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
2 references
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/14384"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sonarsource.com/blog/checkmk-rce-chain-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p28",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p11",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Stefan Schiller (SonarSource)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Livestatus Query Language (LQL) injection in the AuthUser HTTP query header of\u00a0Tribe29\u0027s Checkmk \u003c= 2.1.0p11, Checkmk \u003c= 2.0.0p28, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to perform direct queries to the application\u0027s core from localhost."
}
],
"impacts": [
{
"capecId": "CAPEC-6",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-6 Argument Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T12:48:30.803Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Checkmk"
},
"references": [
{
"url": "https://checkmk.com/werk/14384"
},
{
"url": "https://www.sonarsource.com/blog/checkmk-rce-chain-1/"
}
],
"title": "LQL Injection in Livestatus HTTP headers"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-47909",
"datePublished": "2023-02-20T16:53:37.606Z",
"dateReserved": "2023-01-18T15:49:58.108Z",
"dateUpdated": "2024-08-03T15:02:36.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46836 (GCVE-0-2022-46836)
Vulnerability from cvelistv5 – Published: 2023-02-20 16:52 – Updated: 2024-08-03 14:39
VLAI
Title
PHP code injection in watolib
Summary
PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component.
Severity
9.1 (Critical)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
2 references
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:39:39.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/14383"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sonarsource.com/blog/checkmk-rce-chain-3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p27",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p10",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p29",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Stefan Schiller (SonarSource)"
}
],
"descriptions": [
{
"lang": "en",
"value": "PHP code injection in watolib auth.php and hosttags.php in Tribe29\u0027s Checkmk \u003c= 2.1.0p10, Checkmk \u003c= 2.0.0p27, and Checkmk \u003c= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T12:47:39.295Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Checkmk"
},
"references": [
{
"url": "https://checkmk.com/werk/14383"
},
{
"url": "https://www.sonarsource.com/blog/checkmk-rce-chain-3/"
}
],
"title": "PHP code injection in watolib"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-46836",
"datePublished": "2023-02-20T16:52:56.912Z",
"dateReserved": "2023-01-18T15:49:58.118Z",
"dateUpdated": "2024-08-03T14:39:39.053Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46303 (GCVE-0-2022-46303)
Vulnerability from cvelistv5 – Published: 2023-02-20 16:49 – Updated: 2025-03-12 18:13
VLAI
Title
Command injection in SMS notifications
Summary
Command injection in SMS notifications in Tribe29 Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application's local permissions.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/14381 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:45.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/14381"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T18:13:19.288262Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T18:13:23.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p27",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p10",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p29",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Command injection in SMS notifications in Tribe29 Checkmk \u003c= 2.1.0p10, Checkmk \u003c= 2.0.0p27, and Checkmk \u003c= 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application\u0027s local permissions."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-20T16:49:49.961Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/14381"
}
],
"title": "Command injection in SMS notifications"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-46303",
"datePublished": "2023-02-20T16:49:49.961Z",
"dateReserved": "2023-01-18T15:49:58.122Z",
"dateUpdated": "2025-03-12T18:13:23.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43440 (GCVE-0-2022-43440)
Vulnerability from cvelistv5 – Published: 2023-02-09 08:30 – Updated: 2025-03-24 15:15
VLAI
Title
Privilege escalation via manipulated unixcat executable
Summary
Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/14087 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:32:58.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/14087"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43440",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-24T15:14:24.264811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-24T15:15:20.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThan": "2.1.0p1",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThan": "2.0.0p25",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThan": "1.6.0p29",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-09T08:30:42.285Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/14087"
}
],
"title": "Privilege escalation via manipulated unixcat executable"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-43440",
"datePublished": "2023-02-09T08:30:42.285Z",
"dateReserved": "2023-01-18T15:49:58.102Z",
"dateUpdated": "2025-03-24T15:15:20.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0284 (GCVE-0-2023-0284)
Vulnerability from cvelistv5 – Published: 2023-01-24 12:03 – Updated: 2025-03-27 20:22
VLAI
Title
Improper validation of LDAP user IDs
Summary
Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Checkmk <= 2.1.0p19, Checkmk <= 2.0.0p32, and all versions of Checkmk 1.6.0 (EOL) are affected.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/15181 |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:02:44.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/15181"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0284",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T20:21:51.839182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T20:22:06.041Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p32",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p19",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Checkmk \u003c= 2.1.0p19, Checkmk \u003c= 2.0.0p32, and all versions of Checkmk 1.6.0 (EOL) are affected."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-24T12:03:57.774Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/15181"
}
],
"title": "Improper validation of LDAP user IDs"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2023-0284",
"datePublished": "2023-01-24T12:03:57.774Z",
"dateReserved": "2023-01-13T09:42:39.643Z",
"dateUpdated": "2025-03-27T20:22:06.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4884 (GCVE-0-2022-4884)
Vulnerability from cvelistv5 – Published: 2023-01-09 16:11 – Updated: 2025-04-08 18:46
VLAI
Title
Path-Traversal in MKP storing
Summary
Path-Traversal in MKP storing in Tribe29 Checkmk <=2.0.0p32 and <= 2.1.0p18 allows an administrator to write mkp files to arbitrary locations via a malicious mkp file.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://checkmk.com/werk/15065 |
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:45.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/15065"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4884",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T18:45:52.807031Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T18:46:15.013Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p32",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p18",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "unaffected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Niko Wenselowski (SVA)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Path-Traversal in MKP storing in Tribe29 Checkmk \u003c=2.0.0p32 and \u003c= 2.1.0p18 allows an administrator to write mkp files to arbitrary locations via a malicious mkp file."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-11T10:41:01.356Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Tribe29"
},
"references": [
{
"url": "https://checkmk.com/werk/15065"
}
],
"title": "Path-Traversal in MKP storing"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Tribe29",
"cveId": "CVE-2022-4884",
"datePublished": "2023-01-09T16:11:16.227Z",
"dateReserved": "2023-01-09T12:41:19.246Z",
"dateUpdated": "2025-04-08T18:46:15.013Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}