Lucene search

Ubuntu.comUB:CVE-2023-6287

HistoryNov 27, 2023 - 12:00 a.m.

CVE-2023-6287

2023-11-2700:00:00

ubuntu.com

cve-2023-6287

webconf

sensitive data exposure

tribe29 checkmk appliance

password retrieval

log files

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

Percentile

5.1%

JSON

Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before
1.6.8 allows local attacker to retrieve passwords via reading log files.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchcheck-mk< anyUNKNOWN
ubuntu16.04noarchcheck-mk< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	check-mk	< any	UNKNOWN
ubuntu	16.04	noarch	check-mk	< any	UNKNOWN

References

checkmk.com/werk/9554

launchpad.net/bugs/cve/CVE-2023-6287

nvd.nist.gov/vuln/detail/CVE-2023-6287

security-tracker.debian.org/tracker/CVE-2023-6287

www.cve.org/CVERecord?id=CVE-2023-6287

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for UB:CVE-2023-6287