CVE-2022-24565

{"id": "CVE-2022-24565", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2022-02-24T15:15:29.513", "references": [{"url": "https://checkmk.com/werk/13716", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Checkmk <=2.0.0p19 Fixed in 2.0.0p20 and Checkmk <=1.6.0p27 Fixed in 1.6.0p28 are affected by a Cross Site Scripting (XSS) vulnerability. The Alias of a site was not properly escaped when shown as condition for notifications."}, {"lang": "es", "value": "Checkmk versiones anteriores a 2.0.0p19 incluy\u00e9ndola, Corregido en versi\u00f3n 2.0.0p20 y Checkmk versiones anteriores a 1.6.0p27 incluy\u00e9ndola, Corregido en versi\u00f3n 1.6.0p28, est\u00e1n afectados por una vulnerabilidad de tipo Cross Site Scripting (XSS). El Alias de un sitio no se escapaba correctamente cuando era mostrado como condici\u00f3n para las notificaciones"}], "lastModified": "2022-03-02T18:08:50.590", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E15C521C-CD7F-434A-9F43-6ED5C7645DA7"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "172724CA-44E1-4768-8BAF-611AE72C8510"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:b10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE1C7D4B-55E2-4A0B-96AD-4D1645141B43"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:b12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B691D90-C811-43A1-8062-71F2BF0EF5E7"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:b3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99D39BA7-C78A-4667-95F1-55ACB9FD584F"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:b4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B467203-3B24-4CAE-BEB4-88FEFA2223EF"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:b5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDEC890E-D96A-490D-988D-B06C6CD86A05"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:b9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB52C0F4-B206-4F20-BDB7-3FF2E60185D1"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D80533C1-AA9F-481B-A4A4-26AA0695C666"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA0AD652-2417-4C33-8299-0411FA002BAF"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29F70025-92A2-4618-A8DD-05098F45625F"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CAAB02A-CB2D-42F9-9720-520822F88402"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46C5993C-BEE1-4C9B-BCDB-09A36DA2485E"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p14:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53E01ABC-75DA-4323-9E8C-F97321974583"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77427E05-C4A1-4C28-84B8-947E26CF7EA8"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p16:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6036F586-CA74-40DE-B76F-C76357A1E833"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p19:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84B6760F-4EB5-47C2-BDB1-9D654826B01D"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "104EB827-02D7-4AB9-897D-16210E8934D6"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "232E5841-8303-410C-9191-F9603B808AB1"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p21:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9276429-8D0B-4647-AFBE-9A0B158666D1"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p22:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86E4613C-C843-473F-B7BE-E5759D8D35B4"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p23:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FBD73A9-AF27-402E-9B42-B9DF1567CF43"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p24:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EEBA5A8-5330-47A8-9D3E-08A7E22F70C9"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A5E5E38-94BA-4708-80A4-25CF71074E82"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p26:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28FA4030-59CF-43CB-A9B7-E2304E2315DC"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:1.6.0:p27:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E00E39E-522C-4FDD-B4D7-0444FFC120ED"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5138E25-A5AF-495D-A713-B8BDACC133D8"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "452F359B-BCB5-46E0-A77A-383C3C2E2D60"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "463A4A68-810B-4C20-A696-4F94DB20224B"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4459581-214F-423B-A29D-31C789FD7F1C"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F96B08FA-8129-4880-86FE-47B08C2B6964"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4DA5440-F376-4952-ABCB-AC557C5944A9"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "918ACC6A-2EE8-401F-B18A-94B8757B202E"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B678D96-5987-4423-A713-57812B896380"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A016627-9BF2-4D25-AB97-172EAEC4C187"}, {"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "333FBE01-E5C1-4668-B50F-B64A34E799A8"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}