CPE-3432B5F6-FF02-481E-A204-F324FE5DFD62 Détail

CPE Details

tribe29 checkmk 1.6.0 B1

Vendor

tribe29

Product

checkmk

Version

1.6.0

Created

2019-10-17
10h12 +00:00

Modifié

2024-07-23
17h37 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:tribe29:checkmk:1.6.0:b1::::::

Informations

Vendor

tribe29

Product

checkmk

Version

1.6.0

Update

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2023-6740	2024-01-12 07h50 +00:00	Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges	8.8	Haute
CVE-2023-6735	2024-01-12 07h50 +00:00	Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges	8.8	Haute
CVE-2023-31211	2024-01-12 07h49 +00:00	Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials	8.8	Haute
CVE-2023-31209	2023-08-10 08h14 +00:00	Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users.	8.8	Haute
CVE-2023-22348	2023-05-17 15h51 +00:00	Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs.	4.3	Moyen
CVE-2023-31208	2023-05-17 08h24 +00:00	Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, < 2.1.0p28, and < 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized users.	8.8	Haute
CVE-2023-22294	2023-04-18 18h59 +00:00	Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions.	8.8	Haute
CVE-2023-22288	2023-03-20 15h33 +00:00	HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emails	6.8	Moyen
CVE-2023-0284	2023-01-24 12h03 +00:00	Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Checkmk <= 2.1.0p19, Checkmk <= 2.0.0p32, and all versions of Checkmk 1.6.0 (EOL) are affected.	8.1	Haute
CVE-2021-40905	2022-03-25 21h20 +00:00	The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session of a user with administrator role. NOTE: the vendor states that this is the intended behavior: admins are supposed to be able to execute code in this manner	8.8	Haute

tribe29 checkmk 1.6.0 B1

CPE Details

CPE Name: cpe:2.3:a:tribe29:checkmk:1.6.0:b1:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:tribe29:checkmk:1.6.0:b1::::::