Lucene search
CheckmkCVELIST:CVE-2024-3367HistoryApr 16, 2024 - 11:59 a.m.
CVE-2024-3367 Argument injection to runmqsc
2024-04-1611:59:43
CWE-349
Checkmk
www.cve.org
cve-2024-3367
argument injection
websphere_mq
checkmk 2.0.0
checkmk 2.1.0
checkmk 2.2.0p26
checkmk 2.3.0b5
local attacker
runmqsc
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
9.1%
Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p26 and <2.3.0b5 allows local attacker to inject one argument to runmqsc
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.3.0b5",
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
},
{
"lessThan": "2.2.0p26",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThan": "2.1.0p99",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.0p39",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
]References
Related
nvd
nvd
CVE-2024-3367
2024-04-16 12:15:10
ubuntucve
ubuntucve
CVE-2024-3367
2024-04-16 00:00:00
cve
cve
CVE-2024-3367
2024-04-16 12:15:10
vulnrichment
vulnrichment
CVE-2024-3367 Argument injection to runmqsc
2024-04-16 11:59:43
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-3367