admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/28xxx/CVE-2024-28826.json
CVE Team 1ee7d5ac0a
"-Synchronized-Data."
2024-05-29 11:00:34 +00:00

90 lines
3.2 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-28826",
"ASSIGNER": "security@checkmk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper restriction of local upload and download paths in check_sftp in Checkmk before 2.3.0p4, 2.2.0p27, 2.1.0p44, and in Checkmk 2.0.0 (EOL) allows attackers with sufficient permissions to configure the check to read and write local files on the Checkmk site server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-73: External Control of File Name or Path",
"cweId": "CWE-73"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Checkmk GmbH",
"product": {
"product_data": [
{
"product_name": "Checkmk",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.3.0",
"version_value": "2.3.0p4"
},
{
"version_affected": "<",
"version_name": "2.2.0",
"version_value": "2.2.0p27"
},
{
"version_affected": "<",
"version_name": "2.1.0",
"version_value": "2.1.0p44"
},
{
"version_affected": "<=",
"version_name": "2.0.0",
"version_value": "2.0.0p39"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://checkmk.com/werk/15200",
"refsource": "MISC",
"name": "https://checkmk.com/werk/15200"
}
]
},
"impact": {
"cvss": [
{
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink