CVE-2024-8606

Опубликовано: 23 сент. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows authenticated users to bypass two factor authentication

Ссылки

https://checkmk.com/werk/16218
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p29:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p30:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p31:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p33:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*

EPSS

Процентиль: 22%

0.00072

Низкий

8.8 High

CVSS3

Дефекты

CWE-863

Связанные уязвимости

CVE-2024-8606

CVSS3: 8.8

ubuntu

больше 1 года назад

Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows authenticated users to bypass two factor authentication

CVE-2024-8606

CVSS3: 8.8

debian

больше 1 года назад

Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 a ...

GHSA-74jr-9xc3-xccr

CVSS3: 8.8

github

больше 1 года назад

Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows authenticated users to bypass two factor authentication

EPSS

Процентиль: 22%

0.00072

Низкий

8.8 High

CVSS3

Дефекты

CWE-863