CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The CheckMK version on the remote host has reached the End of Life EOL and should not be used anymore. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.1AI score

Exploits0References1

Veracode•added 2019/01/15 9:6 a.m.•28 views

Cross-site Scripting (XSS)

check-mk is vulnerable to cross-site scripting XSS attacks. The vulnerability exists through multiple cross-site scripting XSS vulnerabilities in the multisite component in CheckMK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allow remote authenticated users to inject arbitrary web script or HTML via...

3.5CVSS5.2AI score0.00288EPSS

Exploits0References351Affected Software30

UbuntuCve•added 2018/07/19 5:29 p.m.•24 views

CVE-2014-0243

CheckMK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/checkmkagent/job...

5.5CVSS6.1AI score0.00049EPSS

Exploits2References2

Prion•added 2018/07/19 5:29 p.m.•25 views

Code injection

CheckMK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/checkmkagent/job...

2.1CVSS6.5AI score0.00049EPSS

Exploits2References11Affected Software1

NVD•added 2018/07/19 5:29 p.m.•15 views

CVE-2014-0243

CheckMK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/checkmkagent/job...

5.5CVSS5.2AI score0.00049EPSS

Exploits2References11

Cvelist•added 2018/07/19 5:0 p.m.•22 views

CVE-2014-0243

CheckMK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/checkmkagent/job...

5.2AI score0.00049EPSS

Exploits2References11

CVE•added 2018/07/19 5:0 p.m.•60 views

CVE-2014-0243

CVE-2014-0243 affects Check_MK through 1.2.5i2p1. Local attackers can read arbitrary files by exploiting a symlink in /var/lib/check_mk_agent/job leading to a file disclosure. The connected Nessus data indicates affected Linux builds (e.g., 1.2.3i pre-1.2.5i3) and references a mitigation path: up...

5.5CVSS5.1AI score0.00049EPSS

Exploits2References11Affected Software1

Tenable Nessus•added 2017/12/14 12:0 a.m.•42 views

Check_MK Internal Server Error XSS

The version of CheckMK running on the remote web server is affected by a reflected cross-site XSS scripting vulnerability in the Internal Server Error page, due to improper encoding of error log output. An unauthenticated, remote attacker can exploit this to execute arbitrary script code in a...

6.1CVSS6.4AI score0.00351EPSS

Exploits1References2

RedhatCVE•added 2017/12/12 11:20 a.m.•16 views

CVE-2017-11507

A cross site scripting XSS vulnerability exists in CheckMK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker to inject arbitrary HTML or JavaScript via the outputformat parameter, and the username parameter of failed HTTP basic authentication...

6.1CVSS3.1AI score0.00351EPSS

Exploits1References1

CNVD•added 2017/12/12 12:0 a.m.•3 views

Mathias Kettner Check_MK Cross-Site Scripting Vulnerability

Mathias Kettner CheckMK is an open-source, general-purpose Nagios/Icinga monitoring system data collection plug-in from Mathias Kettner, Germany, which collects data from operating system and network components by employing a new methodology and supports the automated detection of monitoring item...

6.1CVSS6.4AI score0.00351EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by