HomePentest-Tools.com Logo

Checkmk 2.0.x < 2.0.p36, 2.1.x < 2.1.0p28, 2.2.x < 2.2.0b8 Command Injection Vulnerability CVE-2023-31208

Severity
CVSSv3 Score
8.8
Vulnerability description

Checkmk is prone to a command injection vulnerability.

Risk description

All RestAPI endpoints that use Livestatus filter operators are susceptible to injection of Livestatus commands.

Recommendation

Update to version 2.0.0p36, 2.1.0p28, 2.2.0b8, 2.3.0b1 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
May 17, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available