Lucene search
HistoryJun 26, 2024 - 8:15 a.m.
CVE-2024-28830
checkmk
information security
log files
sensitive information
automation user
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
EPSS
0
Percentile
9.1%
Insertion of Sensitive Information into Log File in Checkmk GmbH’s Checkmk versions <2.3.0p7, <2.2.0p28, <2.1.0p45 and <=2.0.0p39 (EOL) causes automation user secrets to be written to audit log files accessible to administrators.
References
Related
osv
osv
CVE-2024-28830
2024-06-26 08:15:00
UBUNTU-CVE-2024-28830
2024-06-26 08:15:00
ubuntucve
ubuntucve
CVE-2024-28830
2024-06-26 00:00:00
cve
cve
CVE-2024-28830
2024-06-26 08:15:09
vulnrichment
vulnrichment
CVE-2024-28830 Automation user secrets written to audit log
2024-06-26 07:56:57
cvelist
cvelist
CVE-2024-28830 Automation user secrets written to audit log
2024-06-26 07:56:57
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
EPSS
0
Percentile
9.1%
Related for NVD:CVE-2024-28830