HomePentest-Tools.com Logo

Checkmk 2.0.x < 2.0.0p30, 2.1.x < 2.1.0p14, 2.2.x < 2.2.0b1 Information Disclosure Vulnerability CVE-2022-48319

Severity
CVSSv3 Score
5.5
Vulnerability description

Checkmk is prone to an information disclosure vulnerability.

Risk description

Sensitive host secret disclosed in cmk-update-agent.log file allows an attacker to gain access to the host secret through the unprotected agent updater log file.

Recommendation

Update to version 2.0.0p30, 2.1.0p14, 2.2.0b1 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 20, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available