Lucene search
K

106 matches found

OSV
OSV
added 2023/02/20 5:15 p.m.55 views

UBUNTU-CVE-2022-46303

Command injection in SMS notifications in Tribe29 Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application's local...

8CVSS5.9AI score0.01096EPSS
Exploits0References3
OSV
OSV
added 2023/02/20 5:15 p.m.25 views

UBUNTU-CVE-2022-48318

No authorisation controls in the RestAPI documentation for Tribe29's Checkmk = 2.1.0p13 and Checkmk = 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation...

5.3CVSS5.8AI score0.00486EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/02/20 4:55 p.m.10 views

CVE-2022-48318 Insecure access control mechanisms for RestAPI documentation

No authorisation controls in the RestAPI documentation for Tribe29's Checkmk = 2.1.0p13 and Checkmk = 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation...

5.3CVSS5.1AI score0.00486EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/20 12:0 a.m.5 views

PT-2023-15696 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions 1.6.0 and earlier Checkmk versions 2.0.0 through 2.0.0p29 Checkmk versions 2.1.0 through 2.1.0p13 Description: A sensitive host secret is disclosed in the cmk-update-agent.log file, allowing an attacker to gain access to the...

6.5CVSS7.1AI score0.00219EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/01/09 12:0 a.m.5 views

PT-2023-15897 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions 2.0.0 through 2.0.0p32 Checkmk versions 2.1.0 through 2.1.0p18 Description: The issue allows an administrator to write mkp files to arbitrary locations via a malicious mkp file, due to a path-traversal vulnerability in MKP...

4.9CVSS7AI score0.00485EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2022/02/24 3:15 p.m.6 views

CVE-2022-24565

Checkmk =2.0.0p19 Fixed in 2.0.0p20 and Checkmk =1.6.0p27 Fixed in 1.6.0p28 are affected by a Cross Site Scripting XSS vulnerability. The Alias of a site was not properly escaped when shown as condition for notifications...

5.4CVSS6.1AI score0.00622EPSS
Exploits0References2
Rows per page
Query Builder