Lucene search
HistoryNov 15, 2023 - 11:15 a.m.
CVE-2023-23549
improper input validation
checkmk
privileged attackers
denial of service
user interface
hostnames
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
EPSS
0
Percentile
13.3%
Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged attackers to cause partial denial of service of the UI via too long hostnames.
Affected configurations
Node
checkmkcheckmkMatch2.0.0-
ORcheckmkcheckmkMatch2.0.0b1
ORcheckmkcheckmkMatch2.0.0b2
ORcheckmkcheckmkMatch2.0.0b3
ORcheckmkcheckmkMatch2.0.0b4
ORcheckmkcheckmkMatch2.0.0b5
ORcheckmkcheckmkMatch2.0.0b6
ORcheckmkcheckmkMatch2.0.0b7
ORcheckmkcheckmkMatch2.0.0b8
ORcheckmkcheckmkMatch2.0.0i1
ORcheckmkcheckmkMatch2.0.0p1
ORcheckmkcheckmkMatch2.0.0p10
ORcheckmkcheckmkMatch2.0.0p11
ORcheckmkcheckmkMatch2.0.0p12
ORcheckmkcheckmkMatch2.0.0p13
ORcheckmkcheckmkMatch2.0.0p14
ORcheckmkcheckmkMatch2.0.0p15
ORcheckmkcheckmkMatch2.0.0p16
ORcheckmkcheckmkMatch2.0.0p17
ORcheckmkcheckmkMatch2.0.0p18
ORcheckmkcheckmkMatch2.0.0p19
ORcheckmkcheckmkMatch2.0.0p2
ORcheckmkcheckmkMatch2.0.0p20
ORcheckmkcheckmkMatch2.0.0p21
ORcheckmkcheckmkMatch2.0.0p22
ORcheckmkcheckmkMatch2.0.0p23
ORcheckmkcheckmkMatch2.0.0p24
ORcheckmkcheckmkMatch2.0.0p25
ORcheckmkcheckmkMatch2.0.0p26
ORcheckmkcheckmkMatch2.0.0p27
ORcheckmkcheckmkMatch2.0.0p28
ORcheckmkcheckmkMatch2.0.0p29
ORcheckmkcheckmkMatch2.0.0p3
ORcheckmkcheckmkMatch2.0.0p30
ORcheckmkcheckmkMatch2.0.0p31
ORcheckmkcheckmkMatch2.0.0p32
ORcheckmkcheckmkMatch2.0.0p33
ORcheckmkcheckmkMatch2.0.0p34
ORcheckmkcheckmkMatch2.0.0p35
ORcheckmkcheckmkMatch2.0.0p36
ORcheckmkcheckmkMatch2.0.0p37
ORcheckmkcheckmkMatch2.0.0p38
ORcheckmkcheckmkMatch2.0.0p39
ORcheckmkcheckmkMatch2.0.0p4
ORcheckmkcheckmkMatch2.0.0p5
ORcheckmkcheckmkMatch2.0.0p6
ORcheckmkcheckmkMatch2.0.0p7
ORcheckmkcheckmkMatch2.0.0p8
ORcheckmkcheckmkMatch2.0.0p9
ORcheckmkcheckmkMatch2.1.0-
ORcheckmkcheckmkMatch2.1.0b1
ORcheckmkcheckmkMatch2.1.0b2
ORcheckmkcheckmkMatch2.1.0b3
ORcheckmkcheckmkMatch2.1.0b4
ORcheckmkcheckmkMatch2.1.0b5
ORcheckmkcheckmkMatch2.1.0b6
ORcheckmkcheckmkMatch2.1.0b7
ORcheckmkcheckmkMatch2.1.0b8
ORcheckmkcheckmkMatch2.1.0b9
ORcheckmkcheckmkMatch2.1.0p1
ORcheckmkcheckmkMatch2.1.0p10
ORcheckmkcheckmkMatch2.1.0p11
ORcheckmkcheckmkMatch2.1.0p12
ORcheckmkcheckmkMatch2.1.0p13
ORcheckmkcheckmkMatch2.1.0p14
ORcheckmkcheckmkMatch2.1.0p15
ORcheckmkcheckmkMatch2.1.0p16
ORcheckmkcheckmkMatch2.1.0p17
ORcheckmkcheckmkMatch2.1.0p18
ORcheckmkcheckmkMatch2.1.0p19
ORcheckmkcheckmkMatch2.1.0p2
ORcheckmkcheckmkMatch2.1.0p20
ORcheckmkcheckmkMatch2.1.0p21
ORcheckmkcheckmkMatch2.1.0p22
ORcheckmkcheckmkMatch2.1.0p23
ORcheckmkcheckmkMatch2.1.0p24
ORcheckmkcheckmkMatch2.1.0p25
ORcheckmkcheckmkMatch2.1.0p26
ORcheckmkcheckmkMatch2.1.0p27
ORcheckmkcheckmkMatch2.1.0p28
ORcheckmkcheckmkMatch2.1.0p29
ORcheckmkcheckmkMatch2.1.0p3
ORcheckmkcheckmkMatch2.1.0p30
ORcheckmkcheckmkMatch2.1.0p31
ORcheckmkcheckmkMatch2.1.0p32
ORcheckmkcheckmkMatch2.1.0p33
ORcheckmkcheckmkMatch2.1.0p34
ORcheckmkcheckmkMatch2.1.0p35
ORcheckmkcheckmkMatch2.1.0p36
ORcheckmkcheckmkMatch2.1.0p4
ORcheckmkcheckmkMatch2.1.0p5
ORcheckmkcheckmkMatch2.1.0p6
ORcheckmkcheckmkMatch2.1.0p7
ORcheckmkcheckmkMatch2.1.0p8
ORcheckmkcheckmkMatch2.1.0p9
ORcheckmkcheckmkMatch2.2.0-
ORcheckmkcheckmkMatch2.2.0b1
ORcheckmkcheckmkMatch2.2.0b2
ORcheckmkcheckmkMatch2.2.0b3
ORcheckmkcheckmkMatch2.2.0b4
ORcheckmkcheckmkMatch2.2.0b5
ORcheckmkcheckmkMatch2.2.0b6
ORcheckmkcheckmkMatch2.2.0b7
ORcheckmkcheckmkMatch2.2.0b8
ORcheckmkcheckmkMatch2.2.0i1
ORcheckmkcheckmkMatch2.2.0p1
ORcheckmkcheckmkMatch2.2.0p10
ORcheckmkcheckmkMatch2.2.0p11
ORcheckmkcheckmkMatch2.2.0p12
ORcheckmkcheckmkMatch2.2.0p13
ORcheckmkcheckmkMatch2.2.0p2
ORcheckmkcheckmkMatch2.2.0p3
ORcheckmkcheckmkMatch2.2.0p4
ORcheckmkcheckmkMatch2.2.0p5
ORcheckmkcheckmkMatch2.2.0p6
ORcheckmkcheckmkMatch2.2.0p7
ORcheckmkcheckmkMatch2.2.0p8
ORcheckmkcheckmkMatch2.2.0p9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| checkmk | checkmk | 2.0.0 | cpe:2.3:a:checkmk:checkmk:2.0.0:-:*:*:*:*:*:* |
| checkmk | checkmk | 2.0.0 | cpe:2.3:a:checkmk:checkmk:2.0.0:b1:*:*:*:*:*:* |
| checkmk | checkmk | 2.0.0 | cpe:2.3:a:checkmk:checkmk:2.0.0:b2:*:*:*:*:*:* |
| checkmk | checkmk | 2.0.0 | cpe:2.3:a:checkmk:checkmk:2.0.0:b3:*:*:*:*:*:* |
| checkmk | checkmk | 2.0.0 | cpe:2.3:a:checkmk:checkmk:2.0.0:b4:*:*:*:*:*:* |
| checkmk | checkmk | 2.0.0 | cpe:2.3:a:checkmk:checkmk:2.0.0:b5:*:*:*:*:*:* |
| checkmk | checkmk | 2.0.0 | cpe:2.3:a:checkmk:checkmk:2.0.0:b6:*:*:*:*:*:* |
| checkmk | checkmk | 2.0.0 | cpe:2.3:a:checkmk:checkmk:2.0.0:b7:*:*:*:*:*:* |
| checkmk | checkmk | 2.0.0 | cpe:2.3:a:checkmk:checkmk:2.0.0:b8:*:*:*:*:*:* |
| checkmk | checkmk | 2.0.0 | cpe:2.3:a:checkmk:checkmk:2.0.0:i1:*:*:*:*:*:* |
References
Related
prion
prion
Input validation
2023-11-15 11:15:00
cvelist
cvelist
CVE-2023-23549 DoS via long hostnames
2023-11-15 11:07:28
vulnrichment
vulnrichment
CVE-2023-23549 DoS via long hostnames
2023-11-15 11:07:28
osv
osv
CVE-2023-23549
2023-11-15 11:15:08
cve
cve
CVE-2023-23549
2023-11-15 11:15:08
ubuntucve
ubuntucve
CVE-2023-23549
2023-11-15 00:00:00
openvas
openvas
Checkmk 2.0.x < 2.1.0p37, 2.2.x < 2.2.0p15 Multiple Vulnerabilities
2023-11-17 00:00:00
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
EPSS
0
Percentile
13.3%
Related for NVD:CVE-2023-23549