CVE-2022-46836 – PHP code injection in watolib
https://notcve.org/view.php?id=CVE-2022-46836
PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component. • https://checkmk.com/werk/14383 https://www.sonarsource.com/blog/checkmk-rce-chain-3 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-46303 – Command injection in SMS notifications
https://notcve.org/view.php?id=CVE-2022-46303
Command injection in SMS notifications in Tribe29 Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application's local permissions. • https://checkmk.com/werk/14381 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-43440 – Privilege escalation via manipulated unixcat executable
https://notcve.org/view.php?id=CVE-2022-43440
Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable • https://checkmk.com/werk/14087 • CWE-427: Uncontrolled Search Path Element •
CVE-2023-0284 – Improper validation of LDAP user IDs
https://notcve.org/view.php?id=CVE-2023-0284
Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Checkmk <= 2.1.0p19, Checkmk <= 2.0.0p32, and all versions of Checkmk 1.6.0 (EOL) are affected. La validación de entrada incorrecta de las ID de usuario LDAP en Tribe29 Checkmk permite a los atacantes que pueden controlar las ID de usuario LDAP manipular archivos en el servidor. Esta vulnerabilidad afecta a las versiones Checkmk <= 2.1.0p19, Checkmk <= 2.0.0p32 y todas las versiones de Checkmk 1.6.0 (EOL). • https://checkmk.com/werk/15181 • CWE-20: Improper Input Validation •
CVE-2022-4884 – Path-Traversal in MKP storing
https://notcve.org/view.php?id=CVE-2022-4884
Path-Traversal in MKP storing in Tribe29 Checkmk <=2.0.0p32 and <= 2.1.0p18 allows an administrator to write mkp files to arbitrary locations via a malicious mkp file. Path-Traversal en el almacenamiento MKP en Tribe29 Checkmk <=2.0.0p32 y <= 2.1.0p18 permite a un administrador escribir archivos mkp en ubicaciones arbitrarias a través de un archivo mkp malicioso. • https://checkmk.com/werk/15065 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •