History: Nov 24, 2023 - 8:16 a.m.

CVE-2023-6251 CSRF in delete_user_message

2023-11-24 08:16:23
CWE-352
Checkmk
www.cve.org
cve-2023-6251
cross-site request forgery
checkmk
delete user messages

CVSS3: 3.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

AI Score: 4.7
Confidence: High

EPSS: 0
Percentile: 14.0%

Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allows an authenticated attacker to delete user-messages for individual users.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Checkmk",
    "vendor": "Checkmk GmbH",
    "versions": [
      {
        "lessThanOrEqual": "2.0.0p39",
        "status": "affected",
        "version": "2.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "2.1.0p37",
        "status": "affected",
        "version": "2.1.0",
        "versionType": "semver"
      },
      {
        "lessThan": "2.2.0p15",
        "status": "affected",
        "version": "2.2.0",
        "versionType": "semver"
      }
    ]
  }
]
