10 matches found
Ubuntu 16.04 ESM : Checkmk vulnerabilities (USN-5527-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5527-2 advisory. USN-5527-1 fixed vulnerabilities in Checkmk. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the preceding...
Ubuntu: Security Advisory (USN-5527-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5527-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5527-2: Checkmk vulnerabilities
USN-5527-1 fixed vulnerabilities in Checkmk. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Checkmk incorrectly handled authentication. An attacker could possibly use this issue to cause a race condition leading to information...
USN-5527-1: Checkmk vulnerabilities
It was discovered that Checkmk incorrectly handled authentication. An attacker could possibly use this issue to cause a race condition leading to information disclosure. CVE-2017-14955 It was discovered that Checkmk incorrectly handled certain inputs. An attacker could use these cross-site...
Ubuntu 18.04 LTS : Checkmk vulnerabilities (USN-5527-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5527-1 advisory. It was discovered that Checkmk incorrectly handled authentication. An attacker could possibly use this issue to cause a race condition leading to...
Check MK < 1.6.0p25, 2.0.x < 2.0.0p4 XSS Vulnerability
Check MK is prone to a cross-site scripting XSS vulnerability in the management web console. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...
Exploit for Cross-site Scripting in Checkmk
CVE-2021-36563 – Multiple Stored and Reflected XSS Applicat...
CVE-2021-36563
The CheckMK management web console versions 1.5.0 to 2.0.0 does not sanitise user input in various parameters of the WATO module. This allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser such as JavaScript or other client-side scripts, the XSS...
CVE-2021-36563
CVE-2021-36563 affects Checkmk Management Web Console (versions 1.5.0–2.0.0). The vulnerability is an input sanitization flaw in WATO module parameters that enables cross‑site scripting (XSS). Exploitation can occur via the web management interface with valid credentials or an hijacked session, p...