Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10 and Checkmk <= 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI.
References
Link | Resource |
---|---|
https://checkmk.com/werk/14485 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
06 Mar 2023, 19:26
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://checkmk.com/werk/14485 - Vendor Advisory | |
CWE | CWE-613 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CPE | cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:-:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:* |
21 Feb 2023, 14:50
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-20 17:15
Updated : 2024-02-04 23:14
NVD link : CVE-2022-48317
Mitre link : CVE-2022-48317
CVE.ORG link : CVE-2022-48317
JSON object : View
Products Affected
tribe29
- checkmk
CWE
CWE-613
Insufficient Session Expiration