 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.127686 |
| Categoría: | Privilege escalation |
| Título: | Checkmk < 1.6.0p29, 2.0.x < 2.0.0p26, 2.1.x < 2.1.0p3 Privilege Escalation Vulnerability |
| Resumen: | Checkmk is prone to a privilege escalation vulnerability. |
| Descripción: | Summary: Checkmk is prone to a privilege escalation vulnerability. Vulnerability Insight: Wrong file ownership of the maintainer scripts located at /var/lib/dpkg/info: they were owned by the user and group with the ID 1001 instead of root. If such a user exists on your system, they can change the content of these files which are later executed by root (during package installation, update or removal), leading to a local privilege escalation on the monitored host. Affected Software/OS: Checkmk installations done via the Debian packages, versions prior to 1.6.0p29, 2.0.x prior to 2.0.0p26 and 2.1.x prior to 2.1.0p3. Solution: See the referenced vendor advisory for steps how to check the correct file permissions. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2022-33912 https://checkmk.com/werk/14098 |
| Copyright | Copyright (C) 2024 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |