Page 2 of 57 results (0.005 seconds)

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk <= 2.0.0p39, < 2.1.0p47, < 2.2.0p32 and < 2.3.0p11 allows arbitrary livestatus command execution. La neutralización incorrecta de los delimitadores de comandos de estado de vida en mknotifyd en Checkmk &lt;= 2.0.0p39, &lt; 2.1.0p47, &lt; 2.2.0p32 y &lt; 2.3.0p11 permite la ejecución arbitraria de comandos de estado de vida. • https://checkmk.com/werk/17013 • CWE-140: Improper Neutralization of Delimiters •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL) could lead to 1-click compromize of the site. Cross-Site Request Forgery en Checkmk &lt; 2.3.0p8, &lt; 2.2.0p29, &lt; 2.1.0p45 y &lt;= 2.0.0p39 (EOL) podría provocar que el sitio se comprometa con 1 clic. • https://checkmk.com/werk/17090 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL) allows a local attacker to gain SYSTEM privileges. Permisos incorrectos en el directorio de datos del agente de Windows Checkmk en Checkmk &lt; 2.3.0p8, &lt; 2.2.0p29, &lt; 2.1.0p45 y &lt;= 2.0.0p39 (EOL) permiten a un atacante local obtener privilegios de SYSTEM. • https://checkmk.com/werk/16845 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

Certain http endpoints of Checkmk in Checkmk < 2.3.0p10 < 2.2.0p31, < 2.1.0p46, <= 2.0.0p39 allows remote attacker to bypass authentication and access data • https://checkmk.com/werk/17011 • CWE-290: Authentication Bypass by Spoofing •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

Stored XSS in Checkmk before versions 2.3.0p10, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users to execute arbitrary scripts by injecting HTML elements XSS almacenado en Checkmk antes de las versiones 2.3.0p8, 2.2.0p29, 2.1.0p45 y 2.0.0 (EOL) permite a los usuarios ejecutar scripts arbitrarios inyectando elementos HTML Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users to execute arbitrary scripts by injecting HTML elements • https://checkmk.com/werk/17010 • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •