Description
PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Tribe29 | Checkmk | unaffected |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
No data.
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2022-49618 | PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Tribe29
Published:
Updated: 2024-08-03T14:39:39.053Z
Reserved: 2023-01-18T15:49:58.118Z
Link: CVE-2022-46836
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-20T17:15:12.153
Modified: 2024-11-21T07:31:08.993
Link: CVE-2022-46836
Redhat
No data.
OpenCVE Enrichment
No data.