Description
Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Checkmk GmbH | Checkmk | unaffected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-58496 | Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users. |
References
| Link | Providers |
|---|---|
| https://checkmk.com/werk/16224 |
|
History
No history.
MITRE
Status: PUBLISHED
Assigner: Checkmk
Published:
Updated: 2024-08-02T08:21:18.099Z
Reserved: 2023-11-22T10:39:14.993Z
Link: CVE-2023-6251
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-11-24T09:15:09.903
Modified: 2024-11-21T08:43:27.950
Link: CVE-2023-6251
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses