Shodan
Vulnerabilities
Vulnerable Software
Checkmk:  >> Checkmk  >> 2.2.0  Security Vulnerabilities
CVE-2024-28825
Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 (EOL) facilitates password brute-forcing.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-04-24
CVE-2024-3367
Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p26 and <2.3.0b5 allows local attacker to inject one argument to runmqsc
CVSS Score
6.5
EPSS Score
0.001
Published
2024-04-16
CVE-2024-0638
Least privilege violation in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and mk_oracle_crs before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.
CVSS Score
8.2
EPSS Score
0.0
Published
2024-03-22
CVE-2024-1742
Invocation of the sqlplus command with sensitive information in the command line in the mk_oracle Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows the extraction of this information from the process list.
CVSS Score
3.8
EPSS Score
0.001
Published
2024-03-22
CVE-2024-28824
Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-03-22
CVE-2024-0670
Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate privileges
CVSS Score
8.8
EPSS Score
0.001
Published
2024-03-11
CVE-2023-31211
Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials
CVSS Score
8.8
EPSS Score
0.001
Published
2024-01-12
CVE-2023-6735
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges
CVSS Score
8.8
EPSS Score
0.001
Published
2024-01-12
CVE-2023-6740
Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges
CVSS Score
8.8
EPSS Score
0.0
Published
2024-01-12
CVE-2023-31210
Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious libraries
CVSS Score
8.8
EPSS Score
0.001
Published
2023-12-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved