Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Tribe29

Published: 2023-04-18T11:09:09.107Z

Updated: 2024-08-02T06:12:19.531Z

Reserved: 2023-04-13T08:38:39.338Z

Link: CVE-2023-2020

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2023-04-18T12:15:07.537

Modified: 2024-07-23T19:37:16.630

Link: CVE-2023-2020

cve-icon Redhat

No data.