2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2022-48318" ,
"sourceIdentifier" : "security@checkmk.com" ,
"published" : "2023-02-20T17:15:12.380" ,
"lastModified" : "2023-03-06T14:55:33.160" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "No authorisation controls in the RestAPI documentation for Tribe29's Checkmk <= 2.1.0p13 and Checkmk <= 2.0.0p29 which may lead to unintended information disclosure through automatically generated user specific tags within Rest API documentation."
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "LOW" ,
"integrityImpact" : "NONE" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 5.3 ,
"baseSeverity" : "MEDIUM"
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 1.4
} ,
{
"source" : "security@checkmk.com" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "LOW" ,
"integrityImpact" : "NONE" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 5.3 ,
"baseSeverity" : "MEDIUM"
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 1.4
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-862"
}
]
} ,
{
"source" : "security@checkmk.com" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-862"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*" ,
"matchCriteriaId" : "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*" ,
"matchCriteriaId" : "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*" ,
"matchCriteriaId" : "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*" ,
"matchCriteriaId" : "F8C2DA36-8419-4846-BFA0-A729BE7D72C5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*" ,
"matchCriteriaId" : "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*" ,
"matchCriteriaId" : "79F0CF88-FF11-4741-AFF6-9F88F57C2140"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*" ,
"matchCriteriaId" : "8E93629E-C0CB-4636-B343-1C0646D8228E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*" ,
"matchCriteriaId" : "58102464-E66F-49CD-8952-3F3F9A6A45CC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*" ,
"matchCriteriaId" : "9C98E509-8466-4F95-ABE7-7ECC91640E04"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*" ,
"matchCriteriaId" : "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*" ,
"matchCriteriaId" : "002EF417-C702-42E2-9C8F-C9593B43AB03"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*" ,
"matchCriteriaId" : "B8E358A9-0430-4EF1-8557-7F1C088FFF48"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*" ,
"matchCriteriaId" : "4B0AF395-FDC7-4321-9E00-C935641C138B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*" ,
"matchCriteriaId" : "59B9CCED-806F-47EF-B5B6-441AADCB4B81"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*" ,
"matchCriteriaId" : "960DF373-EDE6-4318-B6E9-07573ED5907A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*" ,
"matchCriteriaId" : "3144AABF-74CB-44EE-A618-8529A8ACFCF6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*" ,
"matchCriteriaId" : "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*" ,
"matchCriteriaId" : "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*" ,
"matchCriteriaId" : "098FD286-B6CB-4428-9A62-A5F24B4D9E92"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*" ,
"matchCriteriaId" : "8400088B-E56E-4D0B-86D5-76D884C8031A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*" ,
"matchCriteriaId" : "29554684-FEFF-42B2-B62E-6523782F537C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*" ,
"matchCriteriaId" : "91AE66E4-AE6B-4F25-9312-6418FC3E221F"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "E5138E25-A5AF-495D-A713-B8BDACC133D8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*" ,
"matchCriteriaId" : "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*" ,
"matchCriteriaId" : "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*" ,
"matchCriteriaId" : "452F359B-BCB5-46E0-A77A-383C3C2E2D60"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*" ,
"matchCriteriaId" : "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*" ,
"matchCriteriaId" : "463A4A68-810B-4C20-A696-4F94DB20224B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*" ,
"matchCriteriaId" : "F4459581-214F-423B-A29D-31C789FD7F1C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*" ,
"matchCriteriaId" : "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*" ,
"matchCriteriaId" : "F96B08FA-8129-4880-86FE-47B08C2B6964"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*" ,
"matchCriteriaId" : "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*" ,
"matchCriteriaId" : "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*" ,
"matchCriteriaId" : "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*" ,
"matchCriteriaId" : "A4DA5440-F376-4952-ABCB-AC557C5944A9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*" ,
"matchCriteriaId" : "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*" ,
"matchCriteriaId" : "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*" ,
"matchCriteriaId" : "918ACC6A-2EE8-401F-B18A-94B8757B202E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*" ,
"matchCriteriaId" : "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*" ,
"matchCriteriaId" : "9B678D96-5987-4423-A713-57812B896380"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*" ,
"matchCriteriaId" : "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*" ,
"matchCriteriaId" : "7A016627-9BF2-4D25-AB97-172EAEC4C187"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*" ,
"matchCriteriaId" : "333FBE01-E5C1-4668-B50F-B64A34E799A8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:*" ,
"matchCriteriaId" : "FE7C4821-74F2-442C-B51F-A52788FC61F4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:*" ,
"matchCriteriaId" : "168E2F68-E3EA-407F-8DCE-BDB1F557FFFA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:*" ,
"matchCriteriaId" : "D7A74CB5-CC6E-4166-B884-498F2CF1A33E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:*" ,
"matchCriteriaId" : "42DCB139-5BBE-45F3-80F5-3A43D95A58BB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:*" ,
"matchCriteriaId" : "1A3E3E6C-DCC0-466D-A505-5F80379CF0AB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:*" ,
"matchCriteriaId" : "1542CDC8-9697-44DE-8F6A-3EB25D07EEE9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:*" ,
"matchCriteriaId" : "1A5B33FF-EA21-4AEB-8D9A-21DA9DB5892A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:*" ,
"matchCriteriaId" : "78616E5A-E1FF-40AA-8E13-0B2E84CE6F8F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:*" ,
"matchCriteriaId" : "5D956394-C3F3-4C88-A791-364AE555D522"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:*" ,
"matchCriteriaId" : "25E96088-0FA2-49FD-B93D-5AFC9605289E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:*" ,
"matchCriteriaId" : "EDB60B12-F724-40C7-8EB2-1270484E88F6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:*" ,
"matchCriteriaId" : "1982ED3B-A0FA-476A-BFB2-5B7B53289496"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:*" ,
"matchCriteriaId" : "AA60BF44-AF52-458A-BD3F-9FD5D8408575"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:*" ,
"matchCriteriaId" : "9BFE55DC-89EA-404F-8DDF-93E351366789"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:*" ,
"matchCriteriaId" : "C62D8997-DD3B-4B83-B6A5-DFC2408A9164"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:*" ,
"matchCriteriaId" : "80B4A77F-F636-49BB-8CB6-60064984463F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:*" ,
"matchCriteriaId" : "356E5744-AB8E-4FBA-992F-74ED8F9086CE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:*" ,
"matchCriteriaId" : "41FB6FFA-F38F-4754-A1E6-35073D84069E"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://checkmk.com/werk/14509" ,
"source" : "security@checkmk.com" ,
"tags" : [
"Vendor Advisory"
]
}
]
}
