Lucene search
CheckmkCVE-2023-6287HistoryNov 27, 2023 - 2:15 p.m.
CVE-2023-6287
2023-11-2714:15:08
CWE-532
CWE-598
Checkmk
web.nvd.nist.gov
16
cve-2023-6287
sensitive data exposure
tribe29 checkmk appliance
password retrieval
log files
nvd
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0
Percentile
5.1%
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local attacker to retrieve passwords via reading log files.
Affected configurations
Node
tribe29checkmk_appliance_firmwareRange<1.6.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tribe29 | checkmk_appliance_firmware | * | cpe:2.3:o:tribe29:checkmk_appliance_firmware:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Checkmk Appliance",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "1.6.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]References
Related
ubuntucve
ubuntucve
CVE-2023-6287
2023-11-27 00:00:00
prion
prion
Code injection
2023-11-27 14:15:00
cvelist
cvelist
CVE-2023-6287 Backup password in GET parameter
2023-11-27 14:04:01
nvd
nvd
CVE-2023-6287
2023-11-27 14:15:08
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2023-6287