Vulnerabilities > Checkmk > Checkmk > Low

DATE CVE VULNERABILITY TITLE RISK
2023-11-24 CVE-2023-6251 Cross-Site Request Forgery (CSRF) vulnerability in Checkmk 2.0.0/2.1.0/2.2.0
Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users.
network
low complexity
checkmk CWE-352
3.5
2023-11-15 CVE-2023-23549 Unspecified vulnerability in Checkmk 2.0.0/2.1.0/2.2.0
Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged attackers to cause partial denial of service of the UI via too long hostnames.
network
low complexity
checkmk
2.7
2023-02-20 CVE-2022-48321 Server-Side Request Forgery (SSRF) vulnerability in Checkmk 2.1.0
Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API.
local
low complexity
checkmk CWE-918
3.3
2021-07-26 CVE-2021-36563 Cross-site Scripting vulnerability in Checkmk
The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module.
network
checkmk CWE-79
3.5