admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-29 05:56:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-249xx/CVE-2020-24908.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

190 lines
6.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-24908",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-19T06:15:12.510",
"lastModified": "2021-02-25T13:49:33.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Checkmk before 1.6.0p17 allows local users to obtain SYSTEM privileges via a Trojan horse shell script in the %PROGRAMDATA%\\checkmk\\agent\\local directory."
},
{
"lang": "es",
"value": "Checkmk versiones anteriores a 1.6.0p17, permite a usuarios locales alcanzar privilegios SYSTEM por medio de un script de shell de tipo caballo de Troya en el directorio %PROGRAMDATA%\\checkmk\\agent\\local"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2
},
"baseSeverity": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.6.0",
"matchCriteriaId": "4A16FF60-CF71-4C74-A1CD-A8BBC8745FF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E15C521C-CD7F-434A-9F43-6ED5C7645DA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "D80533C1-AA9F-481B-A4A4-26AA0695C666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "FA0AD652-2417-4C33-8299-0411FA002BAF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "29F70025-92A2-4618-A8DD-05098F45625F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "9CAAB02A-CB2D-42F9-9720-520822F88402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "46C5993C-BEE1-4C9B-BCDB-09A36DA2485E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "53E01ABC-75DA-4323-9E8C-F97321974583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "77427E05-C4A1-4C28-84B8-947E26CF7EA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "6036F586-CA74-40DE-B76F-C76357A1E833"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "104EB827-02D7-4AB9-897D-16210E8934D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "5703ADA0-75EF-49B5-A826-5E657B71D64F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "2195D39D-5BA2-44F5-8DFB-80A60DBFC866"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "19D8AD44-8893-4F2B-9626-D16C03A39FB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "E5F07AAF-8E7D-4F9D-82C9-D75B5C3397B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "5A90CBA3-4548-4C23-A368-04A385956720"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "F42920C1-B772-4AA3-A944-6B7636BF5FD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "B7DFA157-07AD-4A07-8E2F-7D803CD1F267"
}
]
}
]
}
],
"references": [
{
"url": "https://compass-security.com/fileadmin/Research/Advisories/2020-05_CSNC-2020-005_Checkmk_Local_Privilege_Escalation.txt",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink