CVE-2024-38863

Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks.
CVSS

No CVSS.

References
Configurations

No configuration.

History

15 Oct 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) La exposición de tokens CSRF en parámetros de consulta en solicitudes específicas en las versiones de Checkmk de Checkmk GmbH &lt;2.3.0p18, &lt;2.2.0p35 y &lt;2.1.0p48 podría provocar una fuga del token para facilitar ataques de phishing dirigidos.

14 Oct 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-14 08:15

Updated : 2024-10-15 12:57


NVD link : CVE-2024-38863

Mitre link : CVE-2024-38863

CVE.ORG link : CVE-2024-38863


JSON object : View

Products Affected

No product.

CWE
CWE-598

Use of GET Request Method With Sensitive Query Strings