Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10 and Checkmk <= 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI.
References
Link | Resource |
---|---|
https://checkmk.com/werk/14485 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
06 Mar 2023, 19:26
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-613 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
First Time |
Tribe29
Tribe29 checkmk |
|
CPE | cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:-:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:* |
|
References | (MISC) https://checkmk.com/werk/14485 - Vendor Advisory |
20 Feb 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-20 17:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-48317
Mitre link : CVE-2022-48317
CVE.ORG link : CVE-2022-48317
JSON object : View
Products Affected
tribe29
- checkmk
CWE
CWE-613
Insufficient Session Expiration