2 matches found
CVE-2022-47909
Livestatus Query Language LQL injection in the AuthUser HTTP query header of Tribe29's Checkmk = 2.1.0p11, Checkmk = 2.0.0p28, and all versions of Checkmk 1.6.0 EOL allows an attacker to perform direct queries to the application's core from localhost...
Server side request forgery (ssrf)
Limited Server-Side Request Forgery SSRF in agent-receiver in Tribe29's Checkmk = 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API...