Lucene search
CheckmkCVELIST:CVE-2024-38857HistoryJul 02, 2024 - 8:11 a.m.
CVE-2024-38857 Reflected links in visuals facilitate phishing attacks
2024-07-0208:11:19
CWE-79
Checkmk
www.cve.org
input neutralization checkmk phishing attacks
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
0.0004 Low
EPSS
Percentile
9.2%
Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 (EOL) allows attackers to craft malicious links that can facilitate phishing attacks.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.3.0p8",
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
},
{
"lessThan": "2.2.0p28",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThan": "2.1.0p45",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.0p39",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
]References
Related
cve
cve
CVE-2024-38857
2024-07-02 08:15:06
nvd
nvd
CVE-2024-38857
2024-07-02 08:15:06
vulnrichment
vulnrichment
CVE-2024-38857 Reflected links in visuals facilitate phishing attacks
2024-07-02 08:11:19
ubuntucve
ubuntucve
CVE-2024-38857
2024-07-02 00:00:00
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
0.0004 Low
EPSS
Percentile
9.2%
Related for CVELIST:CVE-2024-38857