Vulnerabilities > CVE-2022-46302 - Inclusion of Functionality from Untrusted Control Sphere vulnerability in Checkmk 1.6.0/2.0.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk <= 2.1.0p6, Checkmk <= 2.0.0p27, and all versions of Checkmk 1.6.0 (EOL) allowing an attacker to perform remote code execution with root privileges on the underlying host.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 89 |