Описание
Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and <Checkmk 2.4.0b6 allows attacker to access files that could contain secrets.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.1.0 (включая) до 2.3.0 (включая)
Одно из
cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:-:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b1:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b2:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b3:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b4:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b5:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00056
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-497
Связанные уязвимости
CVSS3: 5.3
ubuntu
9 месяцев назад
Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and <Checkmk 2.4.0b6 allows attacker to access files that could contain secrets.
CVSS3: 5.3
debian
9 месяцев назад
Files to be deployed with agents are accessible without authentication ...
CVSS3: 5.3
github
9 месяцев назад
Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and <Checkmk 2.4.0b6 allows attacker to access files that could contain secrets.
EPSS
Процентиль: 17%
0.00056
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-497