CVE-2014-5339

2014-09-0214:55:03

[email protected]

web.nvd.nist.gov

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

49.3%

JSON

Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allows remote authenticated users to write check_mk config files (.mk files) to arbitrary locations via vectors related to row selections.

Affected configurations

Nvd

Node

check_mk_projectcheck_mkRange≤1.2.4p3

check_mk_projectcheck_mkMatch1.2.4

check_mk_projectcheck_mkMatch1.2.4p1

check_mk_projectcheck_mkMatch1.2.4p2

check_mk_projectcheck_mkMatch1.2.5i1

check_mk_projectcheck_mkMatch1.2.5i2

check_mk_projectcheck_mkMatch1.2.5i3

VendorProductVersionCPE
check_mk_projectcheck_mk*cpe:2.3:a:check_mk_project:check_mk:*:p3:*:*:*:*:*:*
check_mk_projectcheck_mk1.2.4cpe:2.3:a:check_mk_project:check_mk:1.2.4:*:*:*:*:*:*:*
check_mk_projectcheck_mk1.2.4cpe:2.3:a:check_mk_project:check_mk:1.2.4:p1:*:*:*:*:*:*
check_mk_projectcheck_mk1.2.4cpe:2.3:a:check_mk_project:check_mk:1.2.4:p2:*:*:*:*:*:*
check_mk_projectcheck_mk1.2.5cpe:2.3:a:check_mk_project:check_mk:1.2.5:i1:*:*:*:*:*:*
check_mk_projectcheck_mk1.2.5cpe:2.3:a:check_mk_project:check_mk:1.2.5:i2:*:*:*:*:*:*
check_mk_projectcheck_mk1.2.5cpe:2.3:a:check_mk_project:check_mk:1.2.5:i3:*:*:*:*:*:*

Vendor	Product	Version	CPE
check_mk_project	check_mk	*	cpe:2.3:a:check_mk_project:check_mk::p3::::::*
check_mk_project	check_mk	1.2.4	cpe:2.3:a:check_mk_project:check_mk:1.2.4:::::::*
check_mk_project	check_mk	1.2.4	cpe:2.3:a:check_mk_project:check_mk:1.2.4:p1::::::
check_mk_project	check_mk	1.2.4	cpe:2.3:a:check_mk_project:check_mk:1.2.4:p2::::::
check_mk_project	check_mk	1.2.5	cpe:2.3:a:check_mk_project:check_mk:1.2.5:i1::::::
check_mk_project	check_mk	1.2.5	cpe:2.3:a:check_mk_project:check_mk:1.2.5:i2::::::
check_mk_project	check_mk	1.2.5	cpe:2.3:a:check_mk_project:check_mk:1.2.5:i3::::::