Checkmk 产品漏洞列表 / CVE 中文分析 91

Checkmk 产品相关 91 条漏洞，AI 中文标题与摘要、CVSS、POC 一站汇总。

ベンダー: Tribe29

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2024-0638	Privilege escalation in mk_oracle plugins CWE-272	8.2	High	2024-03-22
CVE-2024-0670	Privilege escalation in windows agent CWE-427	8.8	High	2024-03-11
CVE-2023-6740	Privilege escalation in jar_signature CWE-427	8.8	High	2024-01-12
CVE-2023-6735	Privilege escalation in mk_tsm CWE-95	8.8	High	2024-01-12
CVE-2023-31211	Disabled automation users could still authenticate CWE-303	8.8	High	2024-01-12
CVE-2023-31210	Privilege escalation in agent via LD_LIBRARY_PATH CWE-427	8.8	High	2023-12-13
CVE-2023-6251	CSRF in delete_user_message CWE-352	3.5	Low	2023-11-24
CVE-2023-6157	Livestatus injection in ajax_search CWE-140	7.6	High	2023-11-22
CVE-2023-6156	Livestatus injection in availability timeline CWE-140	7.6	High	2023-11-22
CVE-2023-23549	DoS via long hostnames CWE-1284	2.7	Low	2023-11-15
CVE-2023-31209	Command injection via active checks and REST API CWE-78	8.8	High	2023-08-10
CVE-2023-23548	XSS in business intelligence CWE-80	5.4	Medium	2023-08-01
CVE-2023-22359	User-enumeration in RestAPI CWE-203	4.3	Medium	2023-06-26
CVE-2023-22348	Reading host_configs does not honour contact groups CWE-285	4.3	Medium	2023-05-17
CVE-2023-31208	Livestatus command injection in RestAPI CWE-140	8.3	High	2023-05-17
CVE-2023-31207	Automation user secret logged to Apache access log CWE-532	4.4	Medium	2023-05-02
CVE-2022-46302	Remote Code Execution with Root Privileges via Broad Apache Permissions CWE-829	8.8	High	2023-04-20
CVE-2023-2020	Unauthorized scheduling of downtimes via REST API CWE-280	4.3	Medium	2023-04-18
CVE-2023-1768	Symmetric agent data encryption fails silently CWE-446	3.7	Low	2023-04-04
CVE-2023-22288	Email HTML Injection CWE-138	6.8	Medium	2023-03-20
CVE-2022-48320	CSRF in add-visual endpoint CWE-352	5.4	Medium	2023-02-20
CVE-2022-48319	Host secret disclosed in Checkmk logs CWE-200	6.5	Medium	2023-02-20
CVE-2022-48318	Insecure access control mechanisms for RestAPI documentation CWE-862	5.3	Medium	2023-02-20
CVE-2022-48317	Insecure Termination of RestAPI Session Tokens CWE-613	5.6	Medium	2023-02-20
CVE-2022-48321	SSRF in agent-receiver API CWE-20	6.8	Medium	2023-02-20
CVE-2022-47909	LQL Injection in Livestatus HTTP headers CWE-20	6.8	Medium	2023-02-20
CVE-2022-46836	PHP code injection in watolib CWE-20	9.1	Critical	2023-02-20
CVE-2022-46303	Command injection in SMS notifications CWE-20	8.0	High	2023-02-20
CVE-2022-43440	Privilege escalation via manipulated unixcat executable CWE-427	8.8	High	2023-02-09
CVE-2023-0284	Improper validation of LDAP user IDs CWE-20	6.8	Medium	2023-01-24

Checkmk 产品累计公开 91 条 CVE 漏洞，本页提供按时间倒序的完整列表，包含 CVSS、CWE、AI 中文摘要与可获取的 POC 链接。

目標達成 すべての支援者に感謝 — 100%達成しました！

Checkmk 产品漏洞列表 / CVE 中文分析 91

目標達成すべての支援者に感謝 — 100%達成しました！