
Checkmk 2.1.x < 2.1.0p12, 2.2.x < 2.2.0b1 SSRF Vulnerability CVE-2022-48321

Severity
CVSSv3 Score: 7.8
Vulnerability description

Checkmk is prone to a server-side request forgery (SSRF) vulnerability.

Risk description

A server-side request forgery (SSRF) flaw in agent-receiver allows an attacker to communicate with endpoints restricted to the local network by using the host registration API.

Recommendation

Update to version 2.1.0p12, 2.2.0b1 or later.

Codename: Not available
Detectable with: Network Scanner
Scan engine: OpenVAS
Exploitable with Sniper: No
CVE Published: Feb 20, 2023
Detection added at:
Software Type: Not available
Vendor: Not available
Product: Not available