4 results (0.002 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local attacker to retrieve passwords via reading log files. La exposición de datos confidenciales en Webconf en Tribe29 Checkmk Appliance anterior a 1.6.8 permite a un atacante local recuperar contraseñas mediante la lectura de archivos de registro. • https://checkmk.com/werk/9554 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File CWE-598: Use of GET Request Method With Sensitive Query Strings •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5. • https://checkmk.com/werk/9526 • CWE-412: Unrestricted Externally Accessible Lock CWE-667: Improper Locking •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Reflective Cross-Site-Scripting in Webconf in Tribe29 Checkmk Appliance before 1.6.4. • https://checkmk.com/werk/9523 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files. • https://checkmk.com/werk/9522 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-598: Use of GET Request Method With Sensitive Query Strings CWE-668: Exposure of Resource to Wrong Sphere •