Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2.0.0 (EOL) allows users with permission to change Global Settings to execute arbitrary scripts by injecting HTML elements into the Crash Report URL in the Global Settings.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://checkmk.com/werk/17024 |
History
Wed, 04 Dec 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Checkmk
Checkmk checkmk |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:* |
|
Vendors & Products |
Checkmk
Checkmk checkmk |
MITRE
Status: PUBLISHED
Assigner: Checkmk
Published: 2024-06-25T11:45:33.371Z
Updated: 2024-08-02T00:56:58.120Z
Reserved: 2024-03-11T13:21:43.122Z
Link: CVE-2024-28832
Vulnrichment
Updated: 2024-06-26T17:06:57.796Z
NVD
Status : Analyzed
Published: 2024-06-25T12:15:09.713
Modified: 2024-12-04T16:15:21.077
Link: CVE-2024-28832
Redhat
No data.