CVE-2024-28826

Опубликовано: 29 мая 2024

Источник: nvd

CVSS3: 8.8

CVSS3: 8.1

EPSS Низкий

Описание

Improper restriction of local upload and download paths in check_sftp in Checkmk before 2.3.0p4, 2.2.0p27, 2.1.0p44, and in Checkmk 2.0.0 (EOL) allows attackers with sufficient permissions to configure the check to read and write local files on the Checkmk site server.

Ссылки

https://checkmk.com/werk/15200
Vendor Advisory
https://checkmk.com/werk/15200
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*

Версия до 2.0.0 (включая)

cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00581

Низкий

8.8 High

CVSS3

8.1 High

CVSS3

Дефекты

CWE-73

CWE-610

Связанные уязвимости

CVE-2024-28826

CVSS3: 8.8

ubuntu

больше 1 года назад

CVE-2024-28826

CVSS3: 8.8

debian

больше 1 года назад

Improper restriction of local upload and download paths in check_sftp ...

EPSS

Процентиль: 68%

0.00581

Низкий

8.8 High

CVSS3

8.1 High

CVSS3

Дефекты

CWE-73

CWE-610