Lucene search
CheckmkVULNRICHMENT:CVE-2024-28824HistoryMar 22, 2024 - 10:26 a.m.
CVE-2024-28824 Privilege escalation in mk_informix plugin
2024-03-2210:26:35
CWE-807
CWE-272
Checkmk
github.com
cve-2024-28824
privilege escalation
least privilege violation
untrusted inputs
checkmk 2.3.0b4
checkmk 2.2.0p24
checkmk 2.1.0p41
checkmk 2.0.0 eol
8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7 High
AI Score
Confidence
High
Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.3.0b4",
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
},
{
"lessThan": "2.2.0p24",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThan": "2.1.0p41",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.0p39",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
]References
Related
cve
cve
CVE-2024-28824
2024-03-22 11:15:46
cvelist
cvelist
CVE-2024-28824 Privilege escalation in mk_informix plugin
2024-03-22 10:26:35
nvd
nvd
CVE-2024-28824
2024-03-22 11:15:46
openvas
openvas
8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7 High
AI Score
Confidence
High
Related for VULNRICHMENT:CVE-2024-28824