Vulnerabilities > CVE-2023-2020 - Incorrect Authorization vulnerability in Checkmk 2.1.0/2.2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 41 |