CVSS: 7.8EPSS: 0%CPEs: 71EXPL: 0CVE-2022-33912
https://notcve.org/view.php?id=CVE-2022-33912
A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Packages created by the agent bakery (enterprise editions only) were not affected. Using the shipped version of the agents, the maintainer scripts located at /var/lib/dpkg/info/ will be owned by the user and the group with ID 1001. If such a user exists on the system, they can change the content of these files (which are then executed by root). This leads to a local privilege escalation on the monitored host. • https://checkmk.com/werk/14098 • CWE-276: Incorrect Default Permissions •
CVSS: 8.2EPSS: 0%CPEs: 88EXPL: 0CVE-2022-31258
https://notcve.org/view.php?id=CVE-2022-31258
In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. En Checkmk versiones anteriores a 1.6.0p29, 2.x anteriores a 2.0.0p25, y 2.1.x anteriores a 2.1.0b10, un usuario del sitio puede escalar a root editando un enlace simbólico del hook OMD • https://checkmk.com/werk/13902 https://forum.checkmk.com/c/announcements/18 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 0%CPEs: 28EXPL: 1CVE-2021-40905
https://notcve.org/view.php?id=CVE-2021-40905
The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session of a user with administrator role. NOTE: the vendor states that this is the intended behavior: admins are supposed to be able to execute code in this manner ** EN DISTPUTA ** La consola de administración web de CheckMK Enterprise Edition (versiones 1.5.0 a 2.0.0p9) no sanea correctamente la carga de archivos ".mkp", que son Paquetes de Extensión, haciendo posible una ejecución de código remota. Una explotación con éxito requiere el acceso a la interfaz de administración web, ya sea con credenciales válidas o con una sesión secuestrada de un usuario con rol de administrador. NOTA: el proveedor afirma que este es el comportamiento previsto: se supone que los administradores pueden ejecutar código de esta manera • https://github.com/Edgarloyola/CVE-2021-40905 http://checkmk.com • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.4EPSS: 0%CPEs: 47EXPL: 0CVE-2022-24566
https://notcve.org/view.php?id=CVE-2022-24566
In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not properly escaped when shown as condition, which can result in Cross Site Scripting (XSS). En Checkmk versiones anteriores a 2.0.0p19 incluyéndola, corregido en 2.0.0p20 y Checkmk versiones anteriores a 1.6.0p27 incluyéndola, corregido en 1.6.0p28, el título de una condición predefinida no es escapado apropiadamente cuando es mostrado como condición, lo que puede resultar en un ataque de tipo Cross Site Scripting (XSS) • https://checkmk.com/werk/13717 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 47EXPL: 0CVE-2022-24565
https://notcve.org/view.php?id=CVE-2022-24565
Checkmk <=2.0.0p19 Fixed in 2.0.0p20 and Checkmk <=1.6.0p27 Fixed in 1.6.0p28 are affected by a Cross Site Scripting (XSS) vulnerability. The Alias of a site was not properly escaped when shown as condition for notifications. Checkmk versiones anteriores a 2.0.0p19 incluyéndola, Corregido en versión 2.0.0p20 y Checkmk versiones anteriores a 1.6.0p27 incluyéndola, Corregido en versión 1.6.0p28, están afectados por una vulnerabilidad de tipo Cross Site Scripting (XSS). El Alias de un sitio no se escapaba correctamente cuando era mostrado como condición para las notificaciones • https://checkmk.com/werk/13716 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •