1445 matches found
CVE-2024-38859
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 EOL allowed malicious users to execute arbitrary scripts by injecting HTML elements into the SLA column title. These scripts could be executed when the view page was cloned by...
CVE-2024-38859
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 EOL allowed malicious users to execute arbitrary scripts by injecting HTML elements into the SLA column title. These scripts could be executed when the view page was cloned by...
CVE-2024-38859
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 EOL allowed malicious users to execute arbitrary scripts by injecting HTML elements into the SLA column title. These scripts could be executed when the view page was cloned by...
UBUNTU-CVE-2024-38859
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 EOL allowed malicious users to execute arbitrary scripts by injecting HTML elements into the SLA column title. These scripts could be executed when the view page was cloned by...
CVE-2024-38859 XSS in view page with SLA column
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 EOL allowed malicious users to execute arbitrary scripts by injecting HTML elements into the SLA column title. These scripts could be executed when the view page was cloned by...
CVE-2024-38859 XSS in view page with SLA column
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 EOL allowed malicious users to execute arbitrary scripts by injecting HTML elements into the SLA column title. These scripts could be executed when the view page was cloned by...
CVE-2024-38859
CVE-2024-38859 is a cross-site scripting (XSS) vulnerability in Checkmk. It affects view pages with the SLA column when using Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47, or 2.0.0 (EOL). The root cause is injection of HTML elements into the SLA column title, enabling execution of scrip...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions 2.3.0p14, 2.2.0p33, 2.1.0p47, and 2.0.0 EOL, which stems from a cross-site scripting vulnerability in a view page configured with an SLA column...
PT-2024-28240 · Checkmk · Checkmk
Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p14 Checkmk versions prior to 2.2.0p33 Checkmk versions prior to 2.1.0p47 Checkmk version 2.0.0 Description: The issue allows malicious users to execute arbitrary scripts by injecting HTML elements into the SLA...
CVE-2024-28829
Least privilege violation and reliance on untrusted inputs in the mkinformix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 EOL allows local users to escalate privileges...
CVE-2024-28829
Least privilege violation and reliance on untrusted inputs in the mkinformix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 EOL allows local users to escalate privileges...
CVE-2024-28829
Least privilege violation and reliance on untrusted inputs in the mkinformix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 EOL allows local users to escalate privileges...
CVE-2024-28829 Privilege escalation in mk_informix plugin
Least privilege violation and reliance on untrusted inputs in the mkinformix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 EOL allows local users to escalate privileges...
CVE-2024-28829 Privilege escalation in mk_informix plugin
Least privilege violation and reliance on untrusted inputs in the mkinformix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 EOL allows local users to escalate privileges...
CVE-2024-28829
CVE-2024-28829 affects the Checkmk agent plugin for Informix (mk_informix). The root cause is a least-privilege violation combined with reliance on untrusted inputs, allowing local users to escalate privileges. Affected products/versions include Checkmk prior to 2.3.0p12, prior to 2.2.0p32, prior...
PT-2024-22597 · Checkmk · Checkmk
Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p12 Checkmk versions prior to 2.2.0p32 Checkmk versions prior to 2.1.0p47 Checkmk version 2.0.0 Description: The issue is related to a least privilege violation and reliance on untrusted inputs in the mk informi...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk that stems from a least privilege violation and a dependency on untrusted inputs in the mkinformix Checkmk agent plugin, which allows local users to elevate privileges...
The vulnerability of the mknotifyd software, a monitoring tool for IT infrastructure, allows a perpetrator to execute arbitrary commands.
The vulnerability of the mknotifyd software for monitoring IT infrastructure systems in Checkmk is related to improper elimination of separators. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2024-6542
Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk = 2.0.0p39, 2.1.0p47, 2.2.0p32 and 2.3.0p11 allows arbitrary livestatus command execution...
CVE-2024-6542
Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk = 2.0.0p39, 2.1.0p47, 2.2.0p32 and 2.3.0p11 allows arbitrary livestatus command execution...