2.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.2%
Insertion of Sensitive Information into Log File in Checkmk GmbH’s Checkmk
versions <2.3.0p7, <2.2.0p28, <2.1.0p45 and <=2.0.0p39 (EOL) causes
automation user secrets to be written to audit log files accessible to
administrators.
Author | Note |
---|---|
Priority reason: Info leak is only visible to administrators so has low impact. |
2.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.2%