Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://checkmk.com/werk/13981 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: Tribe29
Published: 2023-04-18T11:09:09.107Z
Updated: 2024-08-02T06:12:19.531Z
Reserved: 2023-04-13T08:38:39.338Z
Link: CVE-2023-2020
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-04-18T12:15:07.537
Modified: 2024-07-23T19:37:16.630
Link: CVE-2023-2020
Redhat
No data.