Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-31210

Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious libraries

Published

2023-12-13T09:15:34.080

Last Modified

2024-11-21T08:01:37.843

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Secondary
CWE-427
Type: Primary
CWE-427

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes

References

https://checkmk.com/werk/16226 Vendor Advisory ([email protected])
https://checkmk.com/werk/16226 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)