// For flags

CVE-2022-24564

 

Severity Score

6.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Checkmk <=2.0.0p19 contains a Cross Site Scripting (XSS) vulnerability. While creating or editing a user attribute, the Help Text is subject to HTML injection, which can be triggered for editing a user.

Checkmk versiones anteriores a 2.0.0p19 incluyéndola, contiene una vulnerabilidad de tipo Cross Site Scripting (XSS). Al crear o editar un atributo de usuario, el texto de ayuda está sujeto a la inyección de HTML, que puede ser desencadenado para editar un usuario

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-02-07 CVE Reserved
  • 2022-02-21 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-11-06 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
https://checkmk.com/werk/13199 2022-03-02
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
-
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
b1
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
b2
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
b3
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
b4
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
b5
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
b6
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
b7
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
b8
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
i1
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p1
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p10
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p11
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p12
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p13
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p14
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p15
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p16
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p17
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p18
Affected
Tribe29
Search vendor "Tribe29"
Checkmk
Search vendor "Tribe29" for product "Checkmk"
2.0.0
Search vendor "Tribe29" for product "Checkmk" and version "2.0.0"
p19
Affected