Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkmk checkmk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-48321
Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an malicious user to communicate with local network restricted endpoints by use of the host registration API.
Tribe29 Checkmk 2.1.0
2 Github repositories
3.5
CVSSv2
CVE-2020-28919
A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x before 1.6.0p19 allows an authenticated remote malicious user to inject arbitrary JavaScript via a javascript: URL in a view title.
Tribe29 Checkmk 1.6.0
NA
CVE-2023-22309
Reflective Cross-Site-Scripting in Webconf in Tribe29 Checkmk Appliance prior to 1.6.4.
Tribe29 Checkmk Appliance Firmware
NA
CVE-2023-22318
Denial of service in Webconf in Tribe29 Checkmk Appliance prior to 1.6.5.
Tribe29 Checkmk Appliance Firmware
NA
CVE-2023-22307
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance prior to 1.6.4 allows local malicious user to retrieve passwords via reading log files.
Tribe29 Checkmk Appliance Firmware
NA
CVE-2023-6287
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance prior to 1.6.8 allows local malicious user to retrieve passwords via reading log files.
Tribe29 Checkmk Appliance Firmware
NA
CVE-2024-0670
Privilege escalation in windows agent plugin in Checkmk prior to 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate privileges
4.3
CVSSv2
CVE-2017-9781
A cross site scripting (XSS) vulnerability exists in Check_MK versions 1.4.0x before 1.4.0p6, allowing an unauthenticated remote malicious user to inject arbitrary HTML or JavaScript via the _username parameter when attempting authentication to webapi.py, which is returned unenco...
Check Mk Project Check Mk 1.4.0
NA
CVE-2024-28825
Improper restriction of excessive authentication attempts on some authentication methods in Checkmk prior to 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 (EOL) facilitates password brute-forcing.
NA
CVE-2024-0638
Least privilege violation in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and mk_oracle_crs before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »