1445 matches found
Checkmk 2.2.x < 2.2.0p5 Information Disclosure Vulnerability
Checkmk is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:checkmk:checkmk"; if...
CVE-2023-22359
User enumeration in Checkmk =2.2.0p4 allows an authenticated attacker to enumerate usernames...
CVE-2023-22359
User enumeration in Checkmk =2.2.0p4 allows an authenticated attacker to enumerate usernames...
CVE-2023-22359
User enumeration in Checkmk =2.2.0p4 allows an authenticated attacker to enumerate usernames...
Code injection
User enumeration in Checkmk =2.2.0p4 allows an authenticated attacker to enumerate usernames...
UBUNTU-CVE-2023-22359
User enumeration in Checkmk =2.2.0p4 allows an authenticated attacker to enumerate usernames...
CVE-2023-22359 User-enumeration in RestAPI
User enumeration in Checkmk =2.2.0p4 allows an authenticated attacker to enumerate usernames...
CVE-2023-22359 User-enumeration in RestAPI
User enumeration in Checkmk =2.2.0p4 allows an authenticated attacker to enumerate usernames...
CVE-2023-22359
CVE-2023-22359 describes a user-enumeration issue in Checkmk versions up to 2.2.0p4. The provided documents consistently frame the vulnerability as an authenticated user enumeration of usernames, without detailing specific exploit steps, affected modules, or exploitability in the wild. No concret...
Checkmk 安全漏洞
Checkmk is an editor. A security vulnerability exists in Checkmk version 2.2.0p4 and earlier versions, which stems from a vulnerability that allows an authenticated attacker to enumerate usernames...
PT-2023-18454 · Checkmk · Checkmk
Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.2.0p4 Description: The issue allows an authenticated attacker to enumerate usernames through user enumeration. Recommendations: For versions prior to 2.2.0p4, update to a version that contains a fix for this issue...
Checkmk Authorization Issues Vulnerability (CNVD-2023-39427)
Checkmk is an editor. Checkmk GmbH suffers from an authorization issue vulnerability that stems from improper RestAPI authorization, which can be exploited by an authenticated attacker to read arbitrary host configurations...
Checkmk 2.0.x < 2.0.p36, 2.1.x < 2.1.0p28 Command Injection Vulnerability
Checkmk is prone to a command injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:checkmk:checkmk"; if...
CVE-2023-22348
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions 2.1.0p28 and 2.2.0b8 allows remote authenticated users to read arbitrary hostconfigs...
CVE-2023-22348
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions 2.1.0p28 and 2.2.0b8 allows remote authenticated users to read arbitrary hostconfigs...
CVE-2023-22348
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions 2.1.0p28 and 2.2.0b8 allows remote authenticated users to read arbitrary hostconfigs...
UBUNTU-CVE-2023-22348
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions 2.1.0p28 and 2.2.0b8 allows remote authenticated users to read arbitrary hostconfigs...
Authorization
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions 2.1.0p28 and 2.2.0b8 allows remote authenticated users to read arbitrary hostconfigs...
CVE-2023-22348 Reading host_configs does not honour contact groups
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions 2.1.0p28 and 2.2.0b8 allows remote authenticated users to read arbitrary hostconfigs...
CVE-2023-22348
CVE-2023-22348 affects Checkmk with improper authorization in the REST API. Versions prior to 2.1.0p28 and prior to 2.2.0b8 allow remote authenticated users to read arbitrary host_configs due to insufficient access checks. Impact is limited to confidentiality (read of host_configs); no integrity/...