Lucene search
K

7 matches found

CVE
CVE
added 2023/04/20 1:6 p.m.47 views

CVE-2022-46302

CVE-2022-46302 affects Tribe29 Checkmk installations prior to patched versions: Checkmk <= 2.1.0p6, Checkmk

8.8CVSS9AI score0.00385EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/02/20 5:15 p.m.25 views

CVE-2022-47909

Livestatus Query Language LQL injection in the AuthUser HTTP query header of Tribe29's Checkmk = 2.1.0p11, Checkmk = 2.0.0p28, and all versions of Checkmk 1.6.0 EOL allows an attacker to perform direct queries to the application's core from localhost...

7.8CVSS7.1AI score0.00392EPSS
Exploits2References2
OSV
OSV
added 2023/02/20 5:15 p.m.20 views

CVE-2022-48320

Cross-site Request Forgery CSRF in Tribe29's Checkmk = 2.1.0p17, Checkmk = 2.0.0p31, and all versions of Checkmk 1.6.0 EOL allow an attacker to add new visual elements to multiple pages...

4.3CVSS4.8AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/02/20 5:15 p.m.20 views

CVE-2022-46836

PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component...

9.1CVSS7.3AI score0.01126EPSS
Exploits2References2
UbuntuCve
UbuntuCve
added 2023/02/20 5:15 p.m.24 views

CVE-2022-47909

Livestatus Query Language LQL injection in the AuthUser HTTP query header of Tribe29's Checkmk = 2.1.0p11, Checkmk = 2.0.0p28, and all versions of Checkmk 1.6.0 EOL allows an attacker to perform direct queries to the application's core from localhost...

7.8CVSS7.1AI score0.00392EPSS
Exploits2References2
Prion
Prion
added 2023/02/20 5:15 p.m.15 views

Code injection

PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component...

6.5CVSS8.9AI score0.01126EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2023/02/20 4:55 p.m.20 views

CVE-2022-48318 Insecure access control mechanisms for RestAPI documentation

No authorisation controls in the RestAPI documentation for Tribe29's Checkmk = 2.1.0p13 and Checkmk = 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation...

5.3CVSS5.4AI score0.00486EPSS
Exploits0References1
Rows per page
Query Builder