2.2.0

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

checkmk

NVD

Published: 2023-11-22

Updated: 2024-07-23

Summary

Improper neutralization of livestatus command delimiters in the availability timeline in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized users.

Vulnerable Configurations

Part	Description	Count
Application	Checkmk Checkmk Checkmk 2.0.0 Checkmk Checkmk 2.1.0 Checkmk Checkmk 2.2.0	119

References

https://checkmk.com/werk/16221