1445 matches found
CVE-2024-47092
Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api prior to 5.8.1...
CVE-2024-47092 Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api
Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api prior to 5.8.1...
CVE-2024-47092
CVE-2024-47092 affects the Checkmk Exchange plugin check-mk-api prior to 5.8.1. The underlying issue is insecure deserialization and improper certificate validation in the plugin, with CVSS v3.1 base score 9.8 (CRITICAL) and CVSS4 base score 7.7 (HIGH). Attack vector is NETWORK with no user inter...
CVE-2024-47092 Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api
Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api prior to 5.8.1...
Checkmk Exchange plugin check-mk-api 代码问题漏洞
Checkmk Exchange plugin check-mk-api is a plugin from Checkmk, Inc. A security vulnerability exists in Checkmk Exchange plugin check-mk-api versions prior to 5.8.1 that stems from insecure deserialization and improper certificate validation...
CVE-2025-1075
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...
CVE-2025-1075
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...
UBUNTU-CVE-2025-1075
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...
CVE-2025-1075 LDAP credentials logged to Apache error log
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...
CVE-2025-1075
The CVE-2025-1075 entry concerns Checkmk: affected versions are <2.3.0p27,
CVE-2025-1075 LDAP credentials logged to Apache error log
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions prior to 2.3.0p27, prior to 2.2.0p40, and 2.1.0p51, which stems from LDAP credentials being written to an Apache error log file...
CVE-2022-43440
Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable...
CVE-2022-46302
Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk = 2.1.0p6, Checkmk = 2.0.0p27, and all versions of Checkmk 1.6.0 EOL allowing an attacker to perform remote code execution wi...
CVE-2022-46836
PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component...
CVE-2022-46303
Command injection in SMS notifications in Tribe29 Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application's local...
CVE-2024-28827
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p8, 2.2.0p29, 2.1.0p45, and = 2.0.0p39 EOL allows a local attacker to gain SYSTEM privileges...
CVE-2024-28826
Improper restriction of local upload and download paths in checksftp in Checkmk before 2.3.0p4, 2.2.0p27, 2.1.0p44, and in Checkmk 2.0.0 EOL allows attackers with sufficient permissions to configure the check to read and write local files on the Checkmk site server...
CVE-2024-28828
Cross-Site request forgery in Checkmk 2.3.0p8, 2.2.0p29, 2.1.0p45, and = 2.0.0p39 EOL could lead to 1-click compromize of the site...
CVE-2024-28824
Least privilege violation and reliance on untrusted inputs in the mkinformix Checkmk agent plugin before Checkmk 2.3.0b4 beta, 2.2.0p24, 2.1.0p41 and 2.0.0 EOL allows local users to escalate privileges...