CVE-2023-22288 – Email HTML Injection
https://notcve.org/view.php?id=CVE-2023-22288
HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emails • https://checkmk.com/werk/15069 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-138: Improper Neutralization of Special Elements •
CVE-2022-48320 – CSRF in add-visual endpoint
https://notcve.org/view.php?id=CVE-2022-48320
Cross-site Request Forgery (CSRF) in Tribe29's Checkmk <= 2.1.0p17, Checkmk <= 2.0.0p31, and all versions of Checkmk 1.6.0 (EOL) allow an attacker to add new visual elements to multiple pages. • https://checkmk.com/werk/14924 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2022-48319 – Host secret disclosed in Checkmk logs
https://notcve.org/view.php?id=CVE-2022-48319
Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk <= 2.1.0p13, Checkmk <= 2.0.0p29, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to gain access to the host secret through the unprotected agent updater log file. • https://checkmk.com/werk/14916 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVE-2022-47909 – LQL Injection in Livestatus HTTP headers
https://notcve.org/view.php?id=CVE-2022-47909
Livestatus Query Language (LQL) injection in the AuthUser HTTP query header of Tribe29's Checkmk <= 2.1.0p11, Checkmk <= 2.0.0p28, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to perform direct queries to the application's core from localhost. • https://checkmk.com/werk/14384 https://www.sonarsource.com/blog/checkmk-rce-chain-1 • CWE-20: Improper Input Validation •
CVE-2022-46836 – PHP code injection in watolib
https://notcve.org/view.php?id=CVE-2022-46836
PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component. • https://checkmk.com/werk/14383 https://www.sonarsource.com/blog/checkmk-rce-chain-3 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •