Vulnerabilities > CVE-2023-22307 - Exposure of Resource to Wrong Sphere vulnerability in Tribe29 Checkmk Appliance Firmware

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
tribe29
CWE-668

Summary

Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files.

Vulnerable Configurations

Part Description Count
OS
Tribe29
1

Common Weakness Enumeration (CWE)