Описание
Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious libraries
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00122
Низкий
8.8 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-427
CWE-427
Связанные уязвимости
CVSS3: 8.8
ubuntu
около 2 лет назад
Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious libraries
CVSS3: 8.8
debian
около 2 лет назад
Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 ...
CVSS3: 8.8
github
около 2 лет назад
Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious libraries
EPSS
Процентиль: 32%
0.00122
Низкий
8.8 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-427
CWE-427