Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-48321

Опубликовано: 20 фев. 2023
Источник: nvd
CVSS3: 6.8
CVSS3: 3.3
EPSS Низкий

Описание

Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*

EPSS

Процентиль: 16%
0.00051
Низкий

6.8 Medium

CVSS3

3.3 Low

CVSS3

Дефекты

CWE-20
CWE-918

Связанные уязвимости

ubuntu логотип

CVE-2022-48321

CVSS3: 6.8
ubuntu
почти 3 года назад

Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API.

debian логотип

CVE-2022-48321

CVSS3: 6.8
debian
почти 3 года назад

Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe2 ...

github логотип

GHSA-q57f-4wj6-3jfc

CVSS3: 7.8
github
почти 3 года назад

Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API.

EPSS

Процентиль: 16%
0.00051
Низкий

6.8 Medium

CVSS3

3.3 Low

CVSS3

Дефекты

CWE-20
CWE-918