Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://checkmk.com/werk/13981 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: Tribe29
Published: 2023-04-18T11:09:09.107Z
Updated: 2024-08-02T06:12:19.531Z
Reserved: 2023-04-13T08:38:39.338Z
Link: CVE-2023-2020
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-04-18T12:15:07.537
Modified: 2024-11-21T07:57:46.397
Link: CVE-2023-2020
Redhat
No data.