Lucene search

Ubuntu.comUB:CVE-2023-22307

HistoryApr 18, 2023 - 12:00 a.m.

CVE-2023-22307

2023-04-1800:00:00

ubuntu.com

cve-2023-22307

webconf

tribe29

checkmk

appliance

sensitive data exposure

log files

unix

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

5.1%

JSON

Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before
1.6.4 allows local attacker to retrieve passwords via reading log files.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchcheck-mk< anyUNKNOWN
ubuntu16.04noarchcheck-mk< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	check-mk	< any	UNKNOWN
ubuntu	16.04	noarch	check-mk	< any	UNKNOWN

References

checkmk.com/werk/9522

launchpad.net/bugs/cve/CVE-2023-22307

nvd.nist.gov/vuln/detail/CVE-2023-22307

security-tracker.debian.org/tracker/CVE-2023-22307

www.cve.org/CVERecord?id=CVE-2023-22307

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

5.1%

JSON

Related for UB:CVE-2023-22307