CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
52.5%
Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to βInsecure Direct Object References.β NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.
Vendor | Product | Version | CPE |
---|---|---|---|
check_mk_project | check_mk | * | cpe:2.3:a:check_mk_project:check_mk:*:*:*:*:*:*:*:* |