Lucene search
HistoryJan 09, 2023 - 5:15 p.m.
CVE-2022-4884
cve-2022-4884
path-traversal
mkp
tribe29 checkmk
nvd
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.2%
Path-Traversal in MKP storing in Tribe29 Checkmk <=2.0.0p32 and <= 2.1.0p18 allows an administrator to write mkp files to arbitrary locations via a malicious mkp file.
Affected configurations
Node
tribe29checkmkMatch2.0.0-
ORtribe29checkmkMatch2.0.0b1
ORtribe29checkmkMatch2.0.0b2
ORtribe29checkmkMatch2.0.0b3
ORtribe29checkmkMatch2.0.0b4
ORtribe29checkmkMatch2.0.0b5
ORtribe29checkmkMatch2.0.0b6
ORtribe29checkmkMatch2.0.0b7
ORtribe29checkmkMatch2.0.0b8
ORtribe29checkmkMatch2.0.0i1
ORtribe29checkmkMatch2.0.0p1
ORtribe29checkmkMatch2.0.0p10
ORtribe29checkmkMatch2.0.0p11
ORtribe29checkmkMatch2.0.0p12
ORtribe29checkmkMatch2.0.0p13
ORtribe29checkmkMatch2.0.0p14
ORtribe29checkmkMatch2.0.0p15
ORtribe29checkmkMatch2.0.0p16
ORtribe29checkmkMatch2.0.0p17
ORtribe29checkmkMatch2.0.0p18
ORtribe29checkmkMatch2.0.0p19
ORtribe29checkmkMatch2.0.0p2
ORtribe29checkmkMatch2.0.0p20
ORtribe29checkmkMatch2.0.0p21
ORtribe29checkmkMatch2.0.0p22
ORtribe29checkmkMatch2.0.0p23
ORtribe29checkmkMatch2.0.0p24
ORtribe29checkmkMatch2.0.0p25
ORtribe29checkmkMatch2.0.0p26
ORtribe29checkmkMatch2.0.0p27
ORtribe29checkmkMatch2.0.0p28
ORtribe29checkmkMatch2.0.0p29
ORtribe29checkmkMatch2.0.0p3
ORtribe29checkmkMatch2.0.0p30
ORtribe29checkmkMatch2.0.0p31
ORtribe29checkmkMatch2.0.0p32
ORtribe29checkmkMatch2.0.0p4
ORtribe29checkmkMatch2.0.0p5
ORtribe29checkmkMatch2.0.0p6
ORtribe29checkmkMatch2.0.0p7
ORtribe29checkmkMatch2.0.0p8
ORtribe29checkmkMatch2.0.0p9
ORtribe29checkmkMatch2.1.0b1
ORtribe29checkmkMatch2.1.0b2
ORtribe29checkmkMatch2.1.0b3
ORtribe29checkmkMatch2.1.0b4
ORtribe29checkmkMatch2.1.0b5
ORtribe29checkmkMatch2.1.0b6
ORtribe29checkmkMatch2.1.0b7
ORtribe29checkmkMatch2.1.0b8
ORtribe29checkmkMatch2.1.0b9
ORtribe29checkmkMatch2.1.0p1
ORtribe29checkmkMatch2.1.0p10
ORtribe29checkmkMatch2.1.0p11
ORtribe29checkmkMatch2.1.0p12
ORtribe29checkmkMatch2.1.0p13
ORtribe29checkmkMatch2.1.0p14
ORtribe29checkmkMatch2.1.0p15
ORtribe29checkmkMatch2.1.0p16
ORtribe29checkmkMatch2.1.0p17
ORtribe29checkmkMatch2.1.0p18
ORtribe29checkmkMatch2.1.0p2
ORtribe29checkmkMatch2.1.0p3
ORtribe29checkmkMatch2.1.0p4
ORtribe29checkmkMatch2.1.0p5
ORtribe29checkmkMatch2.1.0p6
ORtribe29checkmkMatch2.1.0p7
ORtribe29checkmkMatch2.1.0p8
ORtribe29checkmkMatch2.1.0p9
| CPE | Name | Operator | Version |
|---|---|---|---|
| tribe29:checkmk | tribe29 checkmk | eq | 2.0.0 |
| tribe29:checkmk | tribe29 checkmk | eq | 2.1.0 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p32",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p18",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "unaffected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
]References
Related
prion
prion
Path traversal
2023-01-09 17:15:00
openvas
openvas
Checkmk 2.0.x < 2.0.0p33, 2.1.x < 2.1.0p19 Path Traversal Vulnerability
2023-01-10 00:00:00
osv
osv
CVE-2022-4884
2023-01-09 17:15:11
ubuntucve
ubuntucve
CVE-2022-4884
2023-01-09 00:00:00
nvd
nvd
CVE-2022-4884
2023-01-09 17:15:11
cvelist
cvelist
CVE-2022-4884 Path-Traversal in MKP storing
2023-01-09 16:11:16
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.2%
Related for CVE-2022-4884