gsd-2023-31211
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials
Aliases
Aliases



{
  "GSD": {
    "alias": "CVE-2023-31211",
    "id": "GSD-2023-31211"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-31211"
      ],
      "details": "Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials",
      "id": "GSD-2023-31211",
      "modified": "2023-12-13T01:20:30.232108Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@checkmk.com",
        "ID": "CVE-2023-31211",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Checkmk",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "2.2.0",
                          "version_value": "2.2.0p18"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "2.1.0",
                          "version_value": "2.1.0p38"
                        },
                        {
                          "version_affected": "\u003c=",
                          "version_name": "2.0.0",
                          "version_value": "2.0.0p39"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Checkmk GmbH"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials"
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-691",
                "lang": "eng",
                "value": "CWE-691: Insufficient Control Flow Management"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://checkmk.com/werk/16227",
            "refsource": "MISC",
            "url": "https://checkmk.com/werk/16227"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "8AF09C00-1AEF-4502-8C7B-3B68F2C35D34",
                    "versionEndIncluding": "2.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*",
                    "matchCriteriaId": "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*",
                    "matchCriteriaId": "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*",
                    "matchCriteriaId": "452F359B-BCB5-46E0-A77A-383C3C2E2D60",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*",
                    "matchCriteriaId": "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*",
                    "matchCriteriaId": "463A4A68-810B-4C20-A696-4F94DB20224B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*",
                    "matchCriteriaId": "F4459581-214F-423B-A29D-31C789FD7F1C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*",
                    "matchCriteriaId": "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*",
                    "matchCriteriaId": "F96B08FA-8129-4880-86FE-47B08C2B6964",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*",
                    "matchCriteriaId": "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*",
                    "matchCriteriaId": "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*",
                    "matchCriteriaId": "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*",
                    "matchCriteriaId": "A4DA5440-F376-4952-ABCB-AC557C5944A9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*",
                    "matchCriteriaId": "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*",
                    "matchCriteriaId": "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*",
                    "matchCriteriaId": "918ACC6A-2EE8-401F-B18A-94B8757B202E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*",
                    "matchCriteriaId": "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*",
                    "matchCriteriaId": "9B678D96-5987-4423-A713-57812B896380",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*",
                    "matchCriteriaId": "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*",
                    "matchCriteriaId": "7A016627-9BF2-4D25-AB97-172EAEC4C187",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*",
                    "matchCriteriaId": "333FBE01-E5C1-4668-B50F-B64A34E799A8",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:*",
                    "matchCriteriaId": "FE7C4821-74F2-442C-B51F-A52788FC61F4",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:*",
                    "matchCriteriaId": "168E2F68-E3EA-407F-8DCE-BDB1F557FFFA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:*",
                    "matchCriteriaId": "D7A74CB5-CC6E-4166-B884-498F2CF1A33E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:*",
                    "matchCriteriaId": "42DCB139-5BBE-45F3-80F5-3A43D95A58BB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:*",
                    "matchCriteriaId": "1A3E3E6C-DCC0-466D-A505-5F80379CF0AB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:*",
                    "matchCriteriaId": "1542CDC8-9697-44DE-8F6A-3EB25D07EEE9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:*",
                    "matchCriteriaId": "1A5B33FF-EA21-4AEB-8D9A-21DA9DB5892A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:*",
                    "matchCriteriaId": "78616E5A-E1FF-40AA-8E13-0B2E84CE6F8F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:*",
                    "matchCriteriaId": "5D956394-C3F3-4C88-A791-364AE555D522",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:*",
                    "matchCriteriaId": "25E96088-0FA2-49FD-B93D-5AFC9605289E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:*",
                    "matchCriteriaId": "EDB60B12-F724-40C7-8EB2-1270484E88F6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:*",
                    "matchCriteriaId": "1982ED3B-A0FA-476A-BFB2-5B7B53289496",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p30:*:*:*:*:*:*",
                    "matchCriteriaId": "F646D243-433E-46F9-9E8E-E4F734F9E648",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p31:*:*:*:*:*:*",
                    "matchCriteriaId": "D1C14080-79C9-4620-AD1F-6CB46F0F74D0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p32:*:*:*:*:*:*",
                    "matchCriteriaId": "4AECE1FE-F3D1-4FF0-BDF9-F39FFCBF52E0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p33:*:*:*:*:*:*",
                    "matchCriteriaId": "C2F79F99-5F46-48A7-BEE7-1551CD56C2F7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p34:*:*:*:*:*:*",
                    "matchCriteriaId": "2EB6F9D4-13D2-4218-96EF-64C2126369DC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p35:*:*:*:*:*:*",
                    "matchCriteriaId": "62841559-BDA0-4B67-932A-007D91BFBD14",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p36:*:*:*:*:*:*",
                    "matchCriteriaId": "F6F22F4E-4A8A-4A7B-A01A-50E9BEA019DA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p37:*:*:*:*:*:*",
                    "matchCriteriaId": "C1467012-F4CD-4547-A761-50B5F478A055",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p38:*:*:*:*:*:*",
                    "matchCriteriaId": "200EE0FA-D641-4612-8048-3B00997CBB42",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:*",
                    "matchCriteriaId": "AA60BF44-AF52-458A-BD3F-9FD5D8408575",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:*",
                    "matchCriteriaId": "9BFE55DC-89EA-404F-8DDF-93E351366789",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:*",
                    "matchCriteriaId": "C62D8997-DD3B-4B83-B6A5-DFC2408A9164",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:*",
                    "matchCriteriaId": "80B4A77F-F636-49BB-8CB6-60064984463F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:*",
                    "matchCriteriaId": "356E5744-AB8E-4FBA-992F-74ED8F9086CE",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:*",
                    "matchCriteriaId": "41FB6FFA-F38F-4754-A1E6-35073D84069E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*",
                    "matchCriteriaId": "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*",
                    "matchCriteriaId": "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*",
                    "matchCriteriaId": "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*",
                    "matchCriteriaId": "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*",
                    "matchCriteriaId": "F8C2DA36-8419-4846-BFA0-A729BE7D72C5",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*",
                    "matchCriteriaId": "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*",
                    "matchCriteriaId": "79F0CF88-FF11-4741-AFF6-9F88F57C2140",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*",
                    "matchCriteriaId": "8E93629E-C0CB-4636-B343-1C0646D8228E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*",
                    "matchCriteriaId": "58102464-E66F-49CD-8952-3F3F9A6A45CC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*",
                    "matchCriteriaId": "9C98E509-8466-4F95-ABE7-7ECC91640E04",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*",
                    "matchCriteriaId": "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*",
                    "matchCriteriaId": "002EF417-C702-42E2-9C8F-C9593B43AB03",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*",
                    "matchCriteriaId": "B8E358A9-0430-4EF1-8557-7F1C088FFF48",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*",
                    "matchCriteriaId": "4B0AF395-FDC7-4321-9E00-C935641C138B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*",
                    "matchCriteriaId": "59B9CCED-806F-47EF-B5B6-441AADCB4B81",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:*",
                    "matchCriteriaId": "FAED2CD5-A2CE-438C-8ED7-338D9D61FBD9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:*",
                    "matchCriteriaId": "F08A96EF-FD2E-4D45-884B-349869649C3D",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:*",
                    "matchCriteriaId": "E80D718E-66B6-4FC6-911D-C264F2C891C9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:*",
                    "matchCriteriaId": "174BF76A-00C5-4ECD-937D-FE66851D3979",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:*",
                    "matchCriteriaId": "F43DBAE4-FEF9-431E-AE82-31C7944CA830",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p19:*:*:*:*:*:*",
                    "matchCriteriaId": "7AF612FF-7441-41C4-96C2-36A15E45FF93",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*",
                    "matchCriteriaId": "960DF373-EDE6-4318-B6E9-07573ED5907A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:*",
                    "matchCriteriaId": "5FFBF793-48E0-48DB-9C12-1C4A5805009E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:*",
                    "matchCriteriaId": "B6A2F0DB-CA73-4F14-8099-7A29BADC1F4E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:*",
                    "matchCriteriaId": "5D23ECB8-9C2C-4BA5-ADD6-248FD2CFF37A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:*",
                    "matchCriteriaId": "9958D126-EF50-4ED7-85A3-6E5120EFB931",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:*",
                    "matchCriteriaId": "5D9B3F5F-158A-4C43-A894-1A55D1D758FC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:*",
                    "matchCriteriaId": "17729C6D-3DD1-4082-B3AF-B53770304F7B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:*",
                    "matchCriteriaId": "2E34014C-90A0-4ABB-A15F-73E83F312246",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:*",
                    "matchCriteriaId": "C0DCB95E-CC14-40BF-A7E4-1CD9075E2785",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p28:*:*:*:*:*:*",
                    "matchCriteriaId": "E1AA25FE-FA1B-4525-99B8-1098E75BDC5C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p29:*:*:*:*:*:*",
                    "matchCriteriaId": "073ED1BF-B3FE-4CC4-A279-15981DBC0BE8",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*",
                    "matchCriteriaId": "3144AABF-74CB-44EE-A618-8529A8ACFCF6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p30:*:*:*:*:*:*",
                    "matchCriteriaId": "BA067A60-3B6A-4C3B-8934-E2725199EE39",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p31:*:*:*:*:*:*",
                    "matchCriteriaId": "DD42912A-092C-4FD9-9874-5B04989164C0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p32:*:*:*:*:*:*",
                    "matchCriteriaId": "E26E5640-8396-4B9C-890F-E9598CEB08FB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p33:*:*:*:*:*:*",
                    "matchCriteriaId": "82CBA4CB-FCEE-4D33-8127-944D914A8F5C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p34:*:*:*:*:*:*",
                    "matchCriteriaId": "DE6414DD-DA34-4FE7-B976-A6898B454E60",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p35:*:*:*:*:*:*",
                    "matchCriteriaId": "0CB08010-2416-469D-8B27-212F28BF62EB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p36:*:*:*:*:*:*",
                    "matchCriteriaId": "8F66346B-4A8A-4323-B197-B5D4D949FCEE",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p37:*:*:*:*:*:*",
                    "matchCriteriaId": "28117164-A991-4E38-825D-88D7B16EC3CB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*",
                    "matchCriteriaId": "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*",
                    "matchCriteriaId": "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*",
                    "matchCriteriaId": "098FD286-B6CB-4428-9A62-A5F24B4D9E92",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*",
                    "matchCriteriaId": "8400088B-E56E-4D0B-86D5-76D884C8031A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*",
                    "matchCriteriaId": "29554684-FEFF-42B2-B62E-6523782F537C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*",
                    "matchCriteriaId": "91AE66E4-AE6B-4F25-9312-6418FC3E221F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:*",
                    "matchCriteriaId": "8EC2C076-C4C6-4C9A-84FE-B47E835AA0E7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:*",
                    "matchCriteriaId": "A954DDB4-ACF5-4D74-B735-0BB14762457C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:*",
                    "matchCriteriaId": "F4E9D8E0-ECFF-4987-8189-F6A5917D39B6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:*",
                    "matchCriteriaId": "7CDF16A7-E9BC-488B-A0DF-91B7F79C2D7A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:*",
                    "matchCriteriaId": "EF3C4AB5-966A-46CD-8774-7BD4115FC80B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b5:*:*:*:*:*:*",
                    "matchCriteriaId": "580C70A7-387E-4650-9DBA-D7AA0BFDB1BE",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b6:*:*:*:*:*:*",
                    "matchCriteriaId": "343C5CD6-48ED-4693-BC2A-549A43F02931",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b7:*:*:*:*:*:*",
                    "matchCriteriaId": "18F1E6EC-5866-4338-9772-92EB01E0A184",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b8:*:*:*:*:*:*",
                    "matchCriteriaId": "57C08697-674F-4924-A5A2-40F1E2BF2059",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:i1:*:*:*:*:*:*",
                    "matchCriteriaId": "AB444D23-88E8-4AFE-9F1E-56AE4ADF7644",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p1:*:*:*:*:*:*",
                    "matchCriteriaId": "050E9020-9E83-4198-B550-F554686DCC36",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p10:*:*:*:*:*:*",
                    "matchCriteriaId": "5D3DFD03-89BF-433F-B14C-8B46AD5146F6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p11:*:*:*:*:*:*",
                    "matchCriteriaId": "50D06254-A368-4DE1-8734-1DC49002FBB1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p12:*:*:*:*:*:*",
                    "matchCriteriaId": "489B86C6-FDD3-4569-B330-86CF51B533B0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p13:*:*:*:*:*:*",
                    "matchCriteriaId": "50456E0E-0597-4E90-9BFC-1384800ED073",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p14:*:*:*:*:*:*",
                    "matchCriteriaId": "0A7E61FE-E2B2-434F-8DFB-BF6AB78B8DE9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p15:*:*:*:*:*:*",
                    "matchCriteriaId": "D5FDDC0D-52AA-419C-84CF-48B608B976E3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p16:*:*:*:*:*:*",
                    "matchCriteriaId": "DC948630-1F71-4441-B842-29974C2D4C1B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p17:*:*:*:*:*:*",
                    "matchCriteriaId": "05518D94-0376-4B0C-AE53-74C54DBD6A10",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p2:*:*:*:*:*:*",
                    "matchCriteriaId": "E9F4C18C-D62E-47F5-A309-D0BC9CFB990C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p3:*:*:*:*:*:*",
                    "matchCriteriaId": "DAFBA752-75C7-4514-AC75-CE7D78AE9F96",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p4:*:*:*:*:*:*",
                    "matchCriteriaId": "57BA8394-7755-45E0-8B4D-B37A8A5B5DB8",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p5:*:*:*:*:*:*",
                    "matchCriteriaId": "D6A02DB9-71F6-429F-A084-D811AD016CBA",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials"
          },
          {
            "lang": "es",
            "value": "El flujo de autenticaci\u00f3n insuficiente en Checkmk anterior a 2.2.0p17, 2.1.0p37 y 2.0.0p39 permite al atacante utilizar credenciales bloqueadas"
          }
        ],
        "id": "CVE-2023-31211",
        "lastModified": "2024-01-19T02:09:26.650",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 2.0,
              "impactScore": 6.0,
              "source": "security@checkmk.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-01-12T08:15:43.137",
        "references": [
          {
            "source": "security@checkmk.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "https://checkmk.com/werk/16227"
          }
        ],
        "sourceIdentifier": "security@checkmk.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-670"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-691"
              }
            ],
            "source": "security@checkmk.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.