3 matches found
CVE-2022-47909
Livestatus Query Language LQL injection in the AuthUser HTTP query header of Tribe29's Checkmk = 2.1.0p11, Checkmk = 2.0.0p28, and all versions of Checkmk 1.6.0 EOL allows an attacker to perform direct queries to the application's core from localhost...
CVE-2023-0284
Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Checkmk = 2.1.0p19, Checkmk = 2.0.0p32, and all versions of Checkmk 1.6.0 EOL are affected...
CVE-2023-0284 Improper validation of LDAP user IDs
Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Checkmk = 2.1.0p19, Checkmk = 2.0.0p32, and all versions of Checkmk 1.6.0 EOL are affected...