106 matches found
UBUNTU-CVE-2023-31208
Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk 2.0.0p36, 2.1.0p28, and 2.2.0b8 beta allows arbitrary livestatus command execution for authorized users...
CVE-2023-31208
Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk 2.0.0p36, 2.1.0p28, and 2.2.0b8 beta allows arbitrary livestatus command execution for authorized users...
CVE-2023-31208 Livestatus command injection in RestAPI
Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk 2.0.0p36, 2.1.0p28, and 2.2.0b8 beta allows arbitrary livestatus command execution for authorized users...
CVE-2023-31208 Livestatus command injection in RestAPI
Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk 2.0.0p36, 2.1.0p28, and 2.2.0b8 beta allows arbitrary livestatus command execution for authorized users...
CVE-2023-31208
CVE-2023-31208 affects Checkmk via improper neutralization of livestatus command delimiters in the RestAPI, allowing arbitrary livestatus command execution for authorized users. Affected are Checkmk versions prior to 2.0.0p36, 2.1.0p28, and 2.2.0b8 (beta). The connected Red Hat/OSV/Nessus entries...
Checkmk 命令注入漏洞
Checkmk is an editor. A security vulnerability in Checkmk versions 2.0.0p36 prior to 2.0.x, 2.1.x prior to 2.1.0p28, and 2.2.x prior to 2.2.0b8, which stems from an improperly neutralized livestatus command delimiter in RestAPI, can be exploited by an attacker to execute arbitrary livestatus...
Checkmk 2.0.x < 2.0.0p30, 2.1.x < 2.1.0p14, 2.2.x < 2.2.0b1 Information Disclosure Vulnerability
Checkmk is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:checkmk:checkmk"; if...
CVE-2022-48318
No authorisation controls in the RestAPI documentation for Tribe29's Checkmk = 2.1.0p13 and Checkmk = 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation...
CVE-2022-48317
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk = 2.1.0p10 and Checkmk = 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI...
CVE-2022-48317
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk = 2.1.0p10 and Checkmk = 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI...
CVE-2022-48318
No authorisation controls in the RestAPI documentation for Tribe29's Checkmk = 2.1.0p13 and Checkmk = 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation...
UBUNTU-CVE-2022-48317
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk = 2.1.0p10 and Checkmk = 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI...
Information disclosure
No authorisation controls in the RestAPI documentation for Tribe29's Checkmk = 2.1.0p13 and Checkmk = 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation...
CVE-2022-48318
No authorisation controls in the RestAPI documentation for Tribe29's Checkmk = 2.1.0p13 and Checkmk = 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation...
Design/Logic Flaw
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk = 2.1.0p10 and Checkmk = 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI...
CVE-2022-48317
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk = 2.1.0p10 and Checkmk = 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI...
CVE-2022-48318
Tribe29 Checkmk < = 2.1.0p13 and
CVE-2022-48318 Insecure access control mechanisms for RestAPI documentation
No authorisation controls in the RestAPI documentation for Tribe29's Checkmk = 2.1.0p13 and Checkmk = 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation...
CVE-2022-48317 Insecure Termination of RestAPI Session Tokens
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk = 2.1.0p10 and Checkmk = 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI...
CVE-2022-48317
CVE-2022-48317 affects Tribe29 Checkmk up to 2.1.0p10 and up to 2.0.0p28. Root cause: expired sessions are not securely terminated in the RestAPI, enabling use of expired session tokens during RestAPI communication. Impact metrics indicate potential high impact to confidentiality, integrity, and ...