Lucene search
HistoryJul 02, 2024 - 8:15 a.m.
CVE-2024-38857
vulnerability
input neutralization
checkmk
phishing attacks
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
0.0004 Low
EPSS
Percentile
9.2%
Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 (EOL) allows attackers to craft malicious links that can facilitate phishing attacks.
References
Related
cve
cve
CVE-2024-38857
2024-07-02 08:15:06
vulnrichment
vulnrichment
CVE-2024-38857 Reflected links in visuals facilitate phishing attacks
2024-07-02 08:11:19
cvelist
cvelist
CVE-2024-38857 Reflected links in visuals facilitate phishing attacks
2024-07-02 08:11:19
ubuntucve
ubuntucve
CVE-2024-38857
2024-07-02 00:00:00
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
0.0004 Low
EPSS
Percentile
9.2%
Related for NVD:CVE-2024-38857