Vulnerabilities > CVE-2022-48321 - Server-Side Request Forgery (SSRF) vulnerability in Tribe29 Checkmk 2.1.0

047910
CVSS 3.3 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
local
low complexity
tribe29
CWE-918

Summary

Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API.

Vulnerable Configurations

Part Description Count
Application
Tribe29
21

Common Weakness Enumeration (CWE)