Improper neutralization of input in Checkmk before versions 2.3.0p16 and 2.2.0p34 allows attackers to craft malicious links that can facilitate phishing attacks.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://checkmk.com/werk/17094 |
History
Wed, 11 Dec 2024 03:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Checkmk
Checkmk checkmk |
|
CPEs | cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p29:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p30:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p31:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p32:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p33:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:* cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:* |
|
Vendors & Products |
Checkmk
Checkmk checkmk |
|
Metrics |
cvssV3_1
|
Tue, 17 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 17 Sep 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper neutralization of input in Checkmk before versions 2.3.0p16 and 2.2.0p34 allows attackers to craft malicious links that can facilitate phishing attacks. | |
Title | Reflected links in error message facilitate phishing attacks | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: Checkmk
Published: 2024-09-17T14:01:09.555Z
Updated: 2024-09-17T17:16:28.885Z
Reserved: 2024-06-20T10:03:09.178Z
Link: CVE-2024-38860
Vulnrichment
Updated: 2024-09-17T17:15:45.708Z
NVD
Status : Analyzed
Published: 2024-09-17T14:15:17.347
Modified: 2024-12-11T03:01:28.130
Link: CVE-2024-38860
Redhat
No data.