Vulnerabilities > Tribe29 > Checkmk > 1.6.0b11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-20 | CVE-2022-31258 | Link Following vulnerability in Tribe29 Checkmk In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. | 7.2 |
2022-03-25 | CVE-2021-40905 | Unrestricted Upload of File with Dangerous Type vulnerability in Tribe29 Checkmk The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. | 8.8 |
2022-03-25 | CVE-2021-40906 | Cross-site Scripting vulnerability in Tribe29 Checkmk CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. | 4.3 |