Vulnerabilities > CVE-2023-22307 - Exposure of Resource to Wrong Sphere vulnerability in Tribe29 Checkmk Appliance Firmware

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
tribe29
CWE-668

Summary

Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files.

Vulnerable Configurations

Part Description Count
OS
Tribe29
71

Common Weakness Enumeration (CWE)