Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 (EOL) facilitates password...
5.9CVSS
7.8AI Score
0.0004EPSS
Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p26 and <2.3.0b5 allows local attacker to inject one argument to...
6.5CVSS
6.5AI Score
0.0004EPSS
4.6CVSS
6.2AI Score
0.0004EPSS
Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate...
8.8CVSS
7.5AI Score
0.0004EPSS
Least privilege violation in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and mk_oracle_crs before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate...
8.2CVSS
7.4AI Score
0.0004EPSS
Invocation of the sqlplus command with sensitive information in the command line in the mk_oracle Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows the extraction of this information from the process...
3.8CVSS
7.1AI Score
0.0004EPSS
Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate...
8.8CVSS
7.7AI Score
0.0004EPSS
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate...
7.8CVSS
7.7AI Score
0.0004EPSS
Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked...
6.5CVSS
7.5AI Score
0.0005EPSS
Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate...
7.8CVSS
7.7AI Score
0.0004EPSS
Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious...
7.8CVSS
7.7AI Score
0.0004EPSS
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local attacker to retrieve passwords via reading log...
5.5CVSS
7.1AI Score
0.0004EPSS
Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual...
3.5CVSS
7.3AI Score
0.0004EPSS
Improper neutralization of livestatus command delimiters in ajax_search in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized...
8.8CVSS
7.7AI Score
0.001EPSS
Improper neutralization of livestatus command delimiters in the availability timeline in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized...
8.8CVSS
7.7AI Score
0.001EPSS
Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged attackers to cause partial denial of service of the UI via too long...
2.7CVSS
7.2AI Score
0.0004EPSS
Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated...
8.8CVSS
8.6AI Score
0.001EPSS
Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38,...
6.1CVSS
5.9AI Score
0.0005EPSS
User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate...
4.3CVSS
4.5AI Score
0.0004EPSS
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary...
4.3CVSS
4.4AI Score
0.001EPSS
Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, < 2.1.0p28, and < 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized...
8.8CVSS
8.8AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.0005EPSS
Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access...
5.5CVSS
5.4AI Score
0.0004EPSS
6.1CVSS
6.2AI Score
0.001EPSS
Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk <= 2.1.0p6, Checkmk <= 2.0.0p27, and all versions of Checkmk 1.6.0 (EOL) allowing an attacker to perform remote code exec...
8.8CVSS
9AI Score
0.001EPSS
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log...
5.5CVSS
5.3AI Score
0.0004EPSS
Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set...
8.8CVSS
8.8AI Score
0.001EPSS
Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any...
4.3CVSS
4.5AI Score
0.0005EPSS
Inappropriate error handling in Tribe29 Checkmk <= 2.1.0p25, <= 2.0.0p34, <= 2.2.0b3 (beta), and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and transmit the data in plaintext in certain...
5.3CVSS
5.2AI Score
0.001EPSS
HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into...
5.4CVSS
5.5AI Score
0.001EPSS
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10 and Checkmk <= 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the...
9.8CVSS
9.4AI Score
0.002EPSS
Livestatus Query Language (LQL) injection in the AuthUser HTTP query header of Tribe29's Checkmk <= 2.1.0p11, Checkmk <= 2.0.0p28, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to perform direct queries to the application's core from...
7.8CVSS
7.7AI Score
0.0004EPSS
PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable...
8.8CVSS
8.9AI Score
0.001EPSS
No authorisation controls in the RestAPI documentation for Tribe29's Checkmk <= 2.1.0p13 and Checkmk <= 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API...
5.3CVSS
5.1AI Score
0.001EPSS
Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk <= 2.1.0p13, Checkmk <= 2.0.0p29, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to gain access to the host secret through the unprotected agent updater log...
5.5CVSS
5.6AI Score
0.0004EPSS
Cross-site Request Forgery (CSRF) in Tribe29's Checkmk <= 2.1.0p17, Checkmk <= 2.0.0p31, and all versions of Checkmk 1.6.0 (EOL) allow an attacker to add new visual elements to multiple...
4.3CVSS
4.7AI Score
0.0005EPSS
Command injection in SMS notifications in Tribe29 Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application'...
7.5CVSS
7.7AI Score
0.001EPSS
Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration...
3.3CVSS
7.5AI Score
0.0004EPSS
Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat...
7.8CVSS
7.6AI Score
0.0004EPSS
Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Checkmk <= 2.1.0p19, Checkmk <= 2.0.0p32, and all versions of Checkmk 1.6.0 (EOL) are...
8.1CVSS
7.9AI Score
0.001EPSS
Path-Traversal in MKP storing in Tribe29 Checkmk <=2.0.0p32 and <= 2.1.0p18 allows an administrator to write mkp files to arbitrary locations via a malicious mkp...
4.9CVSS
5.1AI Score
0.001EPSS
A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Packages created by the agent bakery (enterprise editions only) were not affected. Using the shipped version of the agents, the maintainer scripts located at /var/lib/dpkg/info/ will be owned by the...
7.8CVSS
7.7AI Score
0.0004EPSS
In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook...
6.7CVSS
6.6AI Score
0.0004EPSS
CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other...
6.1CVSS
5.9AI Score
0.001EPSS
The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with...
8.8CVSS
8.9AI Score
0.005EPSS
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a misconfiguration of the web-app Dokuwiki (installed by default), which allows embedded php code. As a result, remote code execution is achieved. Successful exploitation requires access to the web management...
8.8CVSS
9AI Score
0.006EPSS
In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not properly escaped when shown as condition, which can result in Cross Site Scripting...
5.4CVSS
5.3AI Score
0.001EPSS
Checkmk <=2.0.0p19 Fixed in 2.0.0p20 and Checkmk <=1.6.0p27 Fixed in 1.6.0p28 are affected by a Cross Site Scripting (XSS) vulnerability. The Alias of a site was not properly escaped when shown as condition for...
5.4CVSS
5.2AI Score
0.001EPSS
Checkmk <=2.0.0p19 contains a Cross Site Scripting (XSS) vulnerability. While creating or editing a user attribute, the Help Text is subject to HTML injection, which can be triggered for editing a...
6.1CVSS
6AI Score
0.001EPSS
A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x prior to 1.6.0p19 allows an authenticated remote attacker to inject arbitrary JavaScript via a javascript: URL in a view...
5.4CVSS
5.1AI Score
0.001EPSS