Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tribe29 — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting Tribe29. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tribe29 is a software development firm specializing in enterprise-grade cybersecurity solutions, particularly known for its automated security orchestration platforms. The company’s products facilitate threat detection and response by integrating with various security information and event management systems. Historically, the firm’s software has been associated with twenty-one recorded Common Vulnerabilities and Exposures, primarily involving remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from improper input validation or insufficient access controls within the application’s web interface and API endpoints. While no catastrophic data breaches have been publicly attributed directly to these specific CVEs, the recurring nature of these issues highlights ongoing challenges in maintaining secure codebases for complex automation tools. The company continues to address these technical debt items through regular patching and security updates, aiming to mitigate risks associated with its widely deployed infrastructure management utilities.

Found 17 results / 21Clear Filters
Top products by Tribe29: Checkmk Checkmk Appliance
CVE IDTitleCVSSSeverityPublished
CVE-2023-22359 User-enumeration in RestAPI — CheckmkCWE-203 4.3 Medium2023-06-26
CVE-2023-31207 Automation user secret logged to Apache access log — CheckmkCWE-532 4.4 Medium2023-05-02
CVE-2022-46302 Remote Code Execution with Root Privileges via Broad Apache Permissions — CheckmkCWE-829 8.8 High2023-04-20
CVE-2023-2020 Unauthorized scheduling of downtimes via REST API — CheckmkCWE-280 4.3 Medium2023-04-18
CVE-2023-1768 Symmetric agent data encryption fails silently — CheckmkCWE-446 3.7 Low2023-04-04
CVE-2023-22288 Email HTML Injection — CheckmkCWE-138 6.8 Medium2023-03-20
CVE-2022-48320 CSRF in add-visual endpoint — CheckmkCWE-352 5.4 Medium2023-02-20
CVE-2022-48319 Host secret disclosed in Checkmk logs — CheckmkCWE-200 6.5 Medium2023-02-20
CVE-2022-48318 Insecure access control mechanisms for RestAPI documentation — CheckmkCWE-862 5.3 Medium2023-02-20
CVE-2022-48317 Insecure Termination of RestAPI Session Tokens — CheckmkCWE-613 5.6 Medium2023-02-20
CVE-2022-48321 SSRF in agent-receiver API — CheckmkCWE-20 6.8 Medium2023-02-20
CVE-2022-47909 LQL Injection in Livestatus HTTP headers — CheckmkCWE-20 6.8 Medium2023-02-20
CVE-2022-46836 PHP code injection in watolib — CheckmkCWE-20 9.1 Critical2023-02-20
CVE-2022-46303 Command injection in SMS notifications — CheckmkCWE-20 8.0 High2023-02-20
CVE-2022-43440 Privilege escalation via manipulated unixcat executable — CheckmkCWE-427 8.8 High2023-02-09
CVE-2023-0284 Improper validation of LDAP user IDs — CheckmkCWE-20 6.8 Medium2023-01-24
CVE-2022-4884 Path-Traversal in MKP storing — CheckmkCWE-22 3.5 Low2023-01-09

This page lists every published CVE security advisory associated with Tribe29. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.