Lucene search
HistoryFeb 20, 2023 - 5:15 p.m.
CVE-2022-48321
ssrf
checkmk
tribe29
cve-2022-48321
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
0
Percentile
13.5%
Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29’s Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API.
Affected configurations
Node
checkmkcheckmkMatch2.1.0-
ORcheckmkcheckmkMatch2.1.0b1
ORcheckmkcheckmkMatch2.1.0b2
ORcheckmkcheckmkMatch2.1.0b3
ORcheckmkcheckmkMatch2.1.0b4
ORcheckmkcheckmkMatch2.1.0b5
ORcheckmkcheckmkMatch2.1.0b6
ORcheckmkcheckmkMatch2.1.0b7
ORcheckmkcheckmkMatch2.1.0b8
ORcheckmkcheckmkMatch2.1.0b9
ORcheckmkcheckmkMatch2.1.0p1
ORcheckmkcheckmkMatch2.1.0p10
ORcheckmkcheckmkMatch2.1.0p11
ORcheckmkcheckmkMatch2.1.0p2
ORcheckmkcheckmkMatch2.1.0p3
ORcheckmkcheckmkMatch2.1.0p4
ORcheckmkcheckmkMatch2.1.0p5
ORcheckmkcheckmkMatch2.1.0p6
ORcheckmkcheckmkMatch2.1.0p7
ORcheckmkcheckmkMatch2.1.0p8
ORcheckmkcheckmkMatch2.1.0p9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| checkmk | checkmk | 2.1.0 | cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:* |
| checkmk | checkmk | 2.1.0 | cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:* |
| checkmk | checkmk | 2.1.0 | cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:* |
| checkmk | checkmk | 2.1.0 | cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:* |
| checkmk | checkmk | 2.1.0 | cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:* |
| checkmk | checkmk | 2.1.0 | cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:* |
| checkmk | checkmk | 2.1.0 | cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:* |
| checkmk | checkmk | 2.1.0 | cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:* |
| checkmk | checkmk | 2.1.0 | cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:* |
| checkmk | checkmk | 2.1.0 | cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2022-48321
2023-02-20 00:00:00
prion
prion
Server side request forgery (ssrf)
2023-02-20 17:15:00
osv
osv
CVE-2022-48321
2023-02-20 17:15:12
cve
cve
CVE-2022-48321
2023-02-20 17:15:12
openvas
openvas
Checkmk 2.1.x < 2.1.0p12, 2.2.x < 2.2.0b1 SSRF Vulnerability
2023-02-22 00:00:00
cvelist
cvelist
CVE-2022-48321 SSRF in agent-receiver API
2023-02-20 16:54:44
githubexploit
githubexploit
Exploit for Improper Input Validation in Checkmk
2023-03-27 02:16:51
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
0
Percentile
13.5%
Related for NVD:CVE-2022-48321