1445 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-6572
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33,...
Linux Distros Unpatched Vulnerability : CVE-2023-2020
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient permission checks in the REST API in Tribe29 Checkmk = 2.1.0p27 and = 2.2.0b4 beta allow unauthorized users to schedule downtimes for any host...
Linux Distros Unpatched Vulnerability : CVE-2024-28828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-Site request forgery in Checkmk 2.3.0p8, 2.2.0p29, 2.1.0p45, and = 2.0.0p39 EOL could lead to 1-click compromize of the site. CVE-2024-28828 Note that...
Linux Distros Unpatched Vulnerability : CVE-2024-38859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 EOL allowed malicious users to execute...
Linux Distros Unpatched Vulnerability : CVE-2023-31207
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Transmission of credentials within query parameters in Checkmk = 2.1.0p26, = 2.0.0p35, and = 2.2.0b6 beta may cause the automation user's secret to be written t...
Linux Distros Unpatched Vulnerability : CVE-2022-48320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site Request Forgery CSRF in Tribe29's Checkmk = 2.1.0p17, Checkmk = 2.0.0p31, and all versions of Checkmk 1.6.0 EOL allow an attacker to add new visual...
Linux Distros Unpatched Vulnerability : CVE-2024-5741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0 EOL CVE-2024-5741 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2023-23549
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation in Checkmk 2.2.0p15, 2.1.0p37, =2.0.0p39 allows priviledged attackers to cause partial denial of service of the UI via too long...
Linux Distros Unpatched Vulnerability : CVE-2024-28825
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 beta, 2.2.0p26, 2.1.0p43, and in Checkmk 2.0....
Linux Distros Unpatched Vulnerability : CVE-2023-31208
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk 2.0.0p36, 2.1.0p28, and 2.2.0b8 beta allows arbitrary livestatus command...
Linux Distros Unpatched Vulnerability : CVE-2022-48319
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk = 2.1.0p13, Checkmk = 2.0.0p29, and all versions of Checkmk 1.6.0 EOL allows a...
Linux Distros Unpatched Vulnerability : CVE-2024-6542
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk = 2.0.0p39, 2.1.0p47, 2.2.0p32 and 2.3.0p11 allows arbitrary livestatus command...
Linux Distros Unpatched Vulnerability : CVE-2024-28827
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p8, 2.2.0p29, 2.1.0p45, and = 2.0.0p39 EOL allows a local attacker to gain...
Linux Distros Unpatched Vulnerability : CVE-2024-28832
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2.0.0 EOL allows users with permission to change Global Settings...
Linux Distros Unpatched Vulnerability : CVE-2023-6157
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of livestatus command delimiters in ajaxsearch in Checkmk = 2.0.0p39, 2.1.0p37, and 2.2.0p15 allows arbitrary livestatus command executi...
Linux Distros Unpatched Vulnerability : CVE-2023-23548
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reflected XSS in business intelligence in Checkmk 2.2.0p8, 2.1.0p32, 2.0.0p38, =1.6.0p30. CVE-2023-23548 Note that Nessus relies on the presence of the package ...
Linux Distros Unpatched Vulnerability : CVE-2024-6052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 EOL allows users to execute arbitrary scripts by injecting HTML elements...
Linux Distros Unpatched Vulnerability : CVE-2024-6163
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certain http endpoints of Checkmk in Checkmk 2.3.0p10 2.2.0p31, 2.1.0p46, = 2.0.0p39 allows remote attacker to bypass authentication and access data CVE-2024-61...
Linux Distros Unpatched Vulnerability : CVE-2024-0638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Least privilege violation in the Checkmk agent plugins mkoracle, mkoracle.ps1, and mkoraclecrs before Checkmk 2.3.0b4 beta, 2.2.0p24, 2.1.0p41 and 2.0.0 EOL...
Linux Distros Unpatched Vulnerability : CVE-2023-6156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of livestatus command delimiters in the availability timeline in Checkmk = 2.0.0p39, 2.1.0p37, and 2.2.0p15 allows arbitrary livestatus...