Command injection in SMS notifications in Tribe29 Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application's local permissions.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Tribe29

Published: 2023-02-20T16:49:49.961Z

Updated: 2024-08-03T14:31:45.469Z

Reserved: 2023-01-18T15:49:58.122Z

Link: CVE-2022-46303

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2023-02-20T17:15:12.073

Modified: 2024-07-23T19:37:16.630

Link: CVE-2022-46303

cve-icon Redhat

No data.