CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
33.4%
Checkmk is prone to an improper user id
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:check_mk_project:check_mk";
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.127311");
script_version("2023-12-20T05:05:58+0000");
script_tag(name:"last_modification", value:"2023-12-20 05:05:58 +0000 (Wed, 20 Dec 2023)");
script_tag(name:"creation_date", value:"2023-01-25 08:01:26 +0000 (Wed, 25 Jan 2023)");
script_tag(name:"cvss_base", value:"8.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-02-06 16:46:00 +0000 (Mon, 06 Feb 2023)");
script_cve_id("CVE-2023-0284");
script_tag(name:"qod_type", value:"remote_banner");
script_tag(name:"solution_type", value:"VendorFix");
script_name("Checkmk 2.0.x < 2.0.0p33, 2.1.x < 2.1.0p20 Improper User ID's Validation Vulnerability");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("Web application abuses");
script_dependencies("gb_check_mk_web_detect.nasl");
script_mandatory_keys("check_mk/detected");
script_tag(name:"summary", value:"Checkmk is prone to an improper user id's validation
vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"The User IDs synced from an LDAP connection are not properly
sanitized. The allowed characters for LDAP users user IDs are not restricted in the same way as local user IDs.");
script_tag(name:"affected", value:"Checkmk versions 1.6.0 (EOL), 2.0.x prior to 2.0.0p33 and 2.1.x
prior to 2.1.0p20.");
script_tag(name:"solution", value:"Update to version 2.0.0p33, 2.1.0p20 or later.");
script_xref(name:"URL", value:"https://checkmk.com/de/werk/15181");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if( ! port = get_app_port( cpe: CPE, service: "www" ) )
exit( 0 );
if( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) )
exit( 0 );
version = infos["version"];
location = infos["location"];
if( version_is_equal( version: version, test_version: "1.6.0" ) ) {
report = report_fixed_ver( installed_version: version, fixed_version: "2.0.0p33", install_path: location );
security_message( port: port, data: report );
exit( 0 );
}
if( version_in_range_exclusive( version: version, test_version_lo: "2.0.0", test_version_up: "2.0.0p33" ) ) {
report = report_fixed_ver( installed_version: version, fixed_version: "2.0.0p33", install_path: location );
security_message( port: port, data: report );
exit( 0 );
}
if( version_in_range_exclusive( version: version, test_version_lo: "2.1.0", test_version_up: "2.1.0p20" ) ) {
report = report_fixed_ver( installed_version: version, fixed_version: "2.1.0p20", install_path: location );
security_message( port: port, data: report );
exit( 0 );
}
exit( 99 );
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
33.4%