Vulnerabilities > Checkmk > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-24 | CVE-2023-6251 | Cross-Site Request Forgery (CSRF) vulnerability in Checkmk 2.0.0/2.1.0/2.2.0 Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users. | 3.5 |
| 2023-11-15 | CVE-2023-23549 | Unspecified vulnerability in Checkmk 2.0.0/2.1.0/2.2.0 Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged attackers to cause partial denial of service of the UI via too long hostnames. | 2.7 |
| 2023-02-20 | CVE-2022-48321 | Server-Side Request Forgery (SSRF) vulnerability in Checkmk 2.1.0 Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API. | 3.3 |
| 2021-07-26 | CVE-2021-36563 | Cross-site Scripting vulnerability in Checkmk The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. | 3.5 |