CVE-2023-6287

Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local attacker to retrieve passwords via reading log files.
References
Link Resource
https://checkmk.com/werk/9554 Vendor Advisory
https://checkmk.com/werk/9554 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:tribe29:checkmk_appliance_firmware:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:43

Type Values Removed Values Added
References () https://checkmk.com/werk/9554 - Vendor Advisory () https://checkmk.com/werk/9554 - Vendor Advisory
CVSS v2 : unknown
v3 : 5.5
v2 : unknown
v3 : 3.3

26 Aug 2024, 10:15

Type Values Removed Values Added
CWE CWE-200

01 Dec 2023, 02:30

Type Values Removed Values Added
CWE CWE-532
References () https://checkmk.com/werk/9554 - () https://checkmk.com/werk/9554 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
First Time Tribe29
Tribe29 checkmk Appliance Firmware
CPE cpe:2.3:o:tribe29:checkmk_appliance_firmware:*:*:*:*:*:*:*:*

27 Nov 2023, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-27 14:15

Updated : 2024-11-21 08:43


NVD link : CVE-2023-6287

Mitre link : CVE-2023-6287

CVE.ORG link : CVE-2023-6287


JSON object : View

Products Affected

tribe29

  • checkmk_appliance_firmware
CWE
CWE-598

Use of GET Request Method With Sensitive Query Strings

CWE-532

Insertion of Sensitive Information into Log File