1445 matches found
CVE-2023-22307
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files...
Privilege escalation
Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions...
UBUNTU-CVE-2023-22307
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files...
CVE-2023-22294 Privilege escalation in Checkmk Appliance
Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions...
CVE-2023-22294
CVE-2023-22294 affects Tribe29 Checkmk Appliance prior to 1.6.4. The root cause is incorrectly set permissions that allow authenticated site users to escalate privileges (high impact: confidentiality, integrity, and availability). Affected product: Checkmk Appliance (Tribe29) prior to version 1.6...
CVE-2023-22294 Privilege escalation in Checkmk Appliance
Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions...
CVE-2023-22307 Site-Passwords in GET parameters
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files...
CVE-2023-22307 Site-Passwords in GET parameters
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files...
CVE-2023-22307
CVE-2023-22307 affects Tribe29 Checkmk Appliance prior to 1.6.4. The vulnerability is an information disclosure in Webconf that allows a local attacker to recover passwords by reading log files. The underlying issue is exposure of sensitive data in Webconf logs. The documented remediation is to u...
CVE-2023-2020
Insufficient permission checks in the REST API in Tribe29 Checkmk = 2.1.0p27 and = 2.2.0b4 beta allow unauthorized users to schedule downtimes for any host...
CVE-2023-2020
Insufficient permission checks in the REST API in Tribe29 Checkmk = 2.1.0p27 and = 2.2.0b4 beta allow unauthorized users to schedule downtimes for any host...
CVE-2023-2020
Insufficient permission checks in the REST API in Tribe29 Checkmk = 2.1.0p27 and = 2.2.0b4 beta allow unauthorized users to schedule downtimes for any host...
Design/Logic Flaw
Insufficient permission checks in the REST API in Tribe29 Checkmk = 2.1.0p27 and = 2.2.0b4 beta allow unauthorized users to schedule downtimes for any host...
UBUNTU-CVE-2023-2020
Insufficient permission checks in the REST API in Tribe29 Checkmk = 2.1.0p27 and = 2.2.0b4 beta allow unauthorized users to schedule downtimes for any host...
CVE-2023-2020 Unauthorized scheduling of downtimes via REST API
Insufficient permission checks in the REST API in Tribe29 Checkmk = 2.1.0p27 and = 2.2.0b4 beta allow unauthorized users to schedule downtimes for any host...
CVE-2023-2020 Unauthorized scheduling of downtimes via REST API
Insufficient permission checks in the REST API in Tribe29 Checkmk = 2.1.0p27 and = 2.2.0b4 beta allow unauthorized users to schedule downtimes for any host...
CVE-2023-2020
The CVE-2023-2020 entry concerns Checkmk (Tribe29) REST API permission checks. Affected products are Checkmk versions prior to 2.1.0p27 and prior to 2.2.0b4 (beta). The root cause is insufficient permission checks in the REST API, which allows unauthorized users to schedule downtimes for any host...
Checkmk 安全漏洞
Checkmk is an editor. A security vulnerability exists in Tribe29 Checkmk Appliance versions prior to 1.6.4, which stems from a vulnerability that allows a user to escalate privileges with incorrectly set permissions...
Checkmk 安全漏洞
Checkmk is an editor. A security vulnerability exists in Tribe29 Checkmk that stems from insufficient REST API permission checking, which allows an attacker to schedule downtime for any host. Affected products and versions: Tribe29 Checkmk 2.1.0p27 and earlier, 2.2.0b4 beta and earlier...
PT-2023-18415 · Tribe29 · Tribe29 Checkmk Appliance
Name of the Vulnerable Software and Affected Versions: Tribe29 Checkmk Appliance versions prior to 1.6.4 Description: The issue allows a local attacker to retrieve passwords by reading log files, specifically due to sensitive data exposure in Webconf. This can lead to unauthorized access to...