Description
Inappropriate error handling in Tribe29 Checkmk <= 2.1.0p25, <= 2.0.0p34, <= 2.2.0b3 (beta), and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and transmit the data in plaintext in certain configurations.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Tribe29 | Checkmk | unaffected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-23979 | Inappropriate error handling in Tribe29 Checkmk <= 2.1.0p25, <= 2.0.0p34, <= 2.2.0b3 (beta), and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and transmit the data in plaintext in certain configurations. |
References
| Link | Providers |
|---|---|
| https://checkmk.com/werk/15423 |
|
History
Tue, 11 Feb 2025 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Tribe29
Published:
Updated: 2025-02-11T17:07:22.757Z
Reserved: 2023-03-31T08:10:02.118Z
Link: CVE-2023-1768
Vulnrichment
Updated: 2024-08-02T05:57:25.231Z
NVD
Status : Modified
Published: 2023-04-04T07:15:11.697
Modified: 2024-11-21T07:39:52.147
Link: CVE-2023-1768
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses