Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host.
References
Link | Resource |
---|---|
https://checkmk.com/werk/13981 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
27 Apr 2023, 19:48
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.2.0:i1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:* |
|
References | (MISC) https://checkmk.com/werk/13981 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
CWE | CWE-863 |
18 Apr 2023, 12:56
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-18 12:15
Updated : 2024-02-04 23:37
NVD link : CVE-2023-2020
Mitre link : CVE-2023-2020
CVE.ORG link : CVE-2023-2020
JSON object : View
Products Affected
tribe29
- checkmk