Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tribe29 checkmk 2.0.0 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-6735
Privilege escalation in mk_tsm agent plugin in Checkmk prior to 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 2.1.0
Tribe29 Checkmk 2.2.0
Tribe29 Checkmk
7.8
CVSSv3
CVE-2023-6740
Privilege escalation in jar_signature agent plugin in Checkmk prior to 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 2.1.0
Tribe29 Checkmk 2.2.0
Tribe29 Checkmk
8.8
CVSSv3
CVE-2023-31208
Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, < 2.1.0p28, and < 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized users.
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 2.1.0
Tribe29 Checkmk 2.2.0
Tribe29 Checkmk
6.5
CVSSv3
CVE-2023-31211
Insufficient authentication flow in Checkmk prior to 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows malicious user to use locked credentials
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 2.1.0
Tribe29 Checkmk 2.2.0
Tribe29 Checkmk
7.8
CVSSv3
CVE-2022-43440
Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk prior to 2.1.0p1, prior to 2.0.0p25 and prior to 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable
Tribe29 Checkmk 1.6.0
Tribe29 Checkmk
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 2.1.0
8.8
CVSSv3
CVE-2023-31209
Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users.
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 2.1.0
Tribe29 Checkmk 2.2.0
Tribe29 Checkmk
6.1
CVSSv3
CVE-2023-23548
Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38, <=1.6.0p30.
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 2.1.0
Tribe29 Checkmk 2.2.0
Tribe29 Checkmk
5.4
CVSSv3
CVE-2023-22288
HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated malicious user to inject malicious HTML into Emails
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 2.1.0
Tribe29 Checkmk
8.1
CVSSv3
CVE-2023-0284
Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Checkmk <= 2.1.0p19, Checkmk <= 2.0.0p32, and all versions of Checkmk 1.6.0 (EOL) are affected.
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 2.1.0
Tribe29 Checkmk
7.8
CVSSv3
CVE-2022-33912
A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Packages created by the agent bakery (enterprise editions only) were not affected. Using the shipped version of the agents, the maintainer scripts located at /var/lib/dpkg/info/ will...
Tribe29 Checkmk 1.6.0
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 1.6.0b10
Tribe29 Checkmk 1.6.0b11
Tribe29 Checkmk 2.1.0
Tribe29 Checkmk 2.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »