20 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-40904
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The web management console of CheckMK Raw Edition versions 1.5.0 to 1.6.0 allows a misconfiguration of the web-app Dokuwiki installed by default, which allows...
CheckMK Raw Edition 安全漏洞
tribe29 CheckMK Raw Edition is a comprehensive and flexible IT monitoring system from tribe29, Germany. A security vulnerability exists in CheckMK Raw Edition that stems from a problem with permissions in the /var/lib/dpkg/info/ path. An attacker can exploit the vulnerability to change files or...
CVE-2021-40906
CheckMK Raw Edition software versions 1.5.0 to 1.6.0 does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser such as JavaScript or other...
CVE-2021-40906
CheckMK Raw Edition software versions 1.5.0 to 1.6.0 does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser such as JavaScript or other...
CVE-2021-40904
The web management console of CheckMK Raw Edition versions 1.5.0 to 1.6.0 allows a misconfiguration of the web-app Dokuwiki installed by default, which allows embedded php code. As a result, remote code execution is achieved. Successful exploitation requires access to the web management interface...
CVE-2021-40904
The web management console of CheckMK Raw Edition versions 1.5.0 to 1.6.0 allows a misconfiguration of the web-app Dokuwiki installed by default, which allows embedded php code. As a result, remote code execution is achieved. Successful exploitation requires access to the web management interface...
CVE-2021-40904
The web management console of CheckMK Raw Edition versions 1.5.0 to 1.6.0 allows a misconfiguration of the web-app Dokuwiki installed by default, which allows embedded php code. As a result, remote code execution is achieved. Successful exploitation requires access to the web management interface...
Authentication flaw
CheckMK Raw Edition software versions 1.5.0 to 1.6.0 does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser such as JavaScript or other...
UBUNTU-CVE-2021-40904
The web management console of CheckMK Raw Edition versions 1.5.0 to 1.6.0 allows a misconfiguration of the web-app Dokuwiki installed by default, which allows embedded php code. As a result, remote code execution is achieved. Successful exploitation requires access to the web management interface...
CVE-2021-40906
CheckMK Raw Edition software versions 1.5.0 to 1.6.0 does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser such as JavaScript or other...
Remote code execution
The web management console of CheckMK Raw Edition versions 1.5.0 to 1.6.0 allows a misconfiguration of the web-app Dokuwiki installed by default, which allows embedded php code. As a result, remote code execution is achieved. Successful exploitation requires access to the web management interface...
UBUNTU-CVE-2021-40906
CheckMK Raw Edition software versions 1.5.0 to 1.6.0 does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser such as JavaScript or other...
CVE-2021-40906
CheckMK Raw Edition software versions 1.5.0 to 1.6.0 does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser such as JavaScript or other...
CVE-2021-40906
Affected software: CheckMK Raw Edition (versions 1.5.0 to 1.6.0). Vulnerability type / root cause: Reflected XSS due to input not being sanitised in a web service parameter located in an unauthenticated zone. Impact (as described): attacker can inject HTML/JavaScript, potentially opening a backdo...
CVE-2021-40904
The web management console of CheckMK Raw Edition versions 1.5.0 to 1.6.0 allows a misconfiguration of the web-app Dokuwiki installed by default, which allows embedded php code. As a result, remote code execution is achieved. Successful exploitation requires access to the web management interface...
CVE-2021-40904
CVE-2021-40904 affects CheckMK Raw Edition versions 1.5.0–1.6.0 . A misconfiguration in the default Dokuwiki web-app allows embedding PHP code, leading to remote code execution . Exploitation requires access to the web management interface, with valid credentials or a hijacked admin session. The ...
CheckMK Raw Edition 安全漏洞
tribe29 CheckMK Raw Edition is a comprehensive and flexible IT monitoring system from tribe29, Germany. A security vulnerability exists in CheckMK Raw Edition that originates from a successful exploit that requires the use of valid credentials or a user with the administrator role to hijack a...
PT-2022-11332 · Unknown +1 · Checkmk Raw Edition +1
Name of the Vulnerable Software and Affected Versions: CheckMK Raw Edition versions 1.5.0 through 1.6.0 Description: The issue concerns a misconfiguration in the web management console of CheckMK Raw Edition, specifically with the Dokuwiki web-app that is installed by default. This misconfigurati...
CheckMK Raw Edition 跨站脚本漏洞
tribe29 CheckMK Raw Edition is a comprehensive and flexible IT monitoring system from tribe29 Germany. A security vulnerability exists in CheckMK Raw Edition that allows an attacker to open a backdoor on the device with HTML content that is interpreted by the browser e.g., JavaScript or other...
PT-2022-11334 · Unknown +1 · Checkmk Raw Edition +1
Name of the Vulnerable Software and Affected Versions: CheckMK Raw Edition software versions 1.5.0 through 1.6.0 Description: The issue allows for Reflected XSS, enabling an attacker to inject malicious HTML content, including JavaScript or other client-side scripts, into a user's browser. This...