Lucene search
Tribe29CVELIST:CVE-2022-48319HistoryFeb 20, 2023 - 4:56 p.m.
CVE-2022-48319 Host secret disclosed in Checkmk logs
2023-02-2016:56:18
CWE-200
Tribe29
www.cve.org
4
cve-2022-48319
host secret
checkmk logs
sensitive information
CVSS3
6.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS
0
Percentile
13.3%
Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29’s Checkmk <= 2.1.0p13, Checkmk <= 2.0.0p29, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to gain access to the host secret through the unprotected agent updater log file.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p29",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p13",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.0p30",
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
}
]
}
]References
Related
nvd
nvd
CVE-2022-48319
2023-02-20 17:15:12
osv
osv
CVE-2022-48319
2023-02-20 17:15:12
prion
prion
Code injection
2023-02-20 17:15:00
openvas
openvas
cve
cve
CVE-2022-48319
2023-02-20 17:15:12
ubuntucve
ubuntucve
CVE-2022-48319
2023-02-20 00:00:00
CVSS3
6.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS
0
Percentile
13.3%
Related for CVELIST:CVE-2022-48319