Description
Improper neutralization of livestatus command delimiters in the availability timeline in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized users.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Checkmk GmbH | Checkmk | unaffected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-58406 | Improper neutralization of livestatus command delimiters in the availability timeline in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized users. |
References
| Link | Providers |
|---|---|
| https://checkmk.com/werk/16221 |
|
History
No history.
MITRE
Status: PUBLISHED
Assigner: Checkmk
Published:
Updated: 2024-08-02T08:21:17.614Z
Reserved: 2023-11-15T16:38:31.845Z
Link: CVE-2023-6156
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-11-22T17:15:22.537
Modified: 2024-11-21T08:43:16.090
Link: CVE-2023-6156
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses