Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk <= 2.1.0p6, Checkmk <= 2.0.0p27, and all versions of Checkmk 1.6.0 (EOL) allowing an attacker to perform remote code execution with root privileges on the underlying host.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Tribe29

Published: 2023-04-20T13:06:30.238Z

Updated: 2024-08-03T14:31:46.402Z

Reserved: 2023-01-18T15:49:58.114Z

Link: CVE-2022-46302

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2023-04-20T14:15:08.177

Modified: 2024-07-23T19:37:16.630

Link: CVE-2022-46302

cve-icon Redhat

No data.