Search CVE reports
1 – 10 of 82 results
CVE-2024-38864
Medium priorityIncorrect permissions on the Checkmk Windows Agent’s data directory in Checkmk < 2.3.0p23, < 2.2.0p38 and <= 2.1.0p49 (EOL) allows a local attacker to read sensitive data.
1 affected package
check-mk
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
check-mk | Not in release | Not in release | Not in release | Not affected | Not affected |
CVE-2024-47094
Medium priorityInsertion of Sensitive Information into Log File in Checkmk GmbH’s Checkmk versions <2.3.0p22, <2.2.0p37, <2.1.0p50 (EOL) causes remote site secrets to be written to web log files accessible to local site users.
1 affected package
check-mk
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
check-mk | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2024-38863
Medium priorityExposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH’s Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks.
1 affected package
check-mk
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
check-mk | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2024-38862
Medium priorityInsertion of Sensitive Information into Log File in Checkmk GmbH’s Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to be written to audit log files...
1 affected package
check-mk
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
check-mk | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2024-6747
Medium priorityInformation leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 (EOL) allows attacker to get potentially sensitive data
1 affected package
check-mk
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
check-mk | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2024-8606
Medium priorityBypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows authenticated users to bypass two factor authentication
1 affected package
check-mk
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
check-mk | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2024-38860
Medium priorityImproper neutralization of input in Checkmk before versions 2.3.0p16 and 2.2.0p34 allows attackers to craft malicious links that can facilitate phishing attacks.
1 affected package
check-mk
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
check-mk | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2024-38858
Medium priorityImproper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject and run malicious scripts in the Robotmk logs view.
1 affected package
check-mk
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
check-mk | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2024-38859
Medium priorityXSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 (EOL) allowed malicious users to execute arbitrary scripts by injecting HTML elements into the SLA column...
1 affected package
check-mk
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
check-mk | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2024-28829
Medium priorityLeast privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 (EOL) allows local users to escalate privileges.
1 affected package
check-mk
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
check-mk | Not in release | Not in release | Not in release | Not affected | Not affected |