What is CVE-2022-24566?

CVE-2022-24566 is a vulnerability in Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28 that allows for Cross Site Scripting (XSS) through improper escaping of a Predefined condition's title.

How severe is CVE-2022-24566?

CVE-2022-24566 has a severity rating of medium with a CVSS score of 5.4 out of 10.

What software versions are affected by CVE-2022-24566?

CVE-2022-24566 affects Checkmk versions 1.6.0 and 2.0.0, specifically versions up to 1.6.0p19 and 2.0.0p19 respectively.

How can I fix CVE-2022-24566?

To fix CVE-2022-24566, it is recommended to update Checkmk to version 2.0.0p20 or higher for Checkmk 2.0.0, and version 1.6.0p28 or higher for Checkmk 1.6.0.

Where can I find more information about CVE-2022-24566?

You can find more information about CVE-2022-24566 on the official Checkmk website at the following link: [CVE-2022-24566](https://checkmk.com/werk/13717).

Vulnerability/
CVE-2022-24566

medium

5.4

CWE

23/2/2022

3/8/2024

CVE-2022-24566: XSS

Q: How severe is CVE-2022-24566?

CVE-2022-24566 has a severity rating of medium with a CVSS score of 5.4 out of 10.

Q: What software versions are affected by CVE-2022-24566?

CVE-2022-24566 affects Checkmk versions 1.6.0 and 2.0.0, specifically versions up to 1.6.0p19 and 2.0.0p19 respectively.

Q: How can I fix CVE-2022-24566?

To fix CVE-2022-24566, it is recommended to update Checkmk to version 2.0.0p20 or higher for Checkmk 2.0.0, and version 1.6.0p28 or higher for Checkmk 1.6.0.

Q: Where can I find more information about CVE-2022-24566?

You can find more information about CVE-2022-24566 on the official Checkmk website at the following link: [CVE-2022-24566](https://checkmk.com/werk/13717).

First published: Wed Feb 23 2022(Updated: )

In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not properly escaped when shown as condition, which can result in Cross Site Scripting (XSS).

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Tribe29 Checkmk	=1.6.0
Tribe29 Checkmk	=1.6.0-b1
Tribe29 Checkmk	=1.6.0-b10
Tribe29 Checkmk	=1.6.0-b12
Tribe29 Checkmk	=1.6.0-b3
Tribe29 Checkmk	=1.6.0-b4
Tribe29 Checkmk	=1.6.0-b5
Tribe29 Checkmk	=1.6.0-b9
Tribe29 Checkmk	=1.6.0-p1
Tribe29 Checkmk	=1.6.0-p10
Tribe29 Checkmk	=1.6.0-p11
Tribe29 Checkmk	=1.6.0-p12
Tribe29 Checkmk	=1.6.0-p13
Tribe29 Checkmk	=1.6.0-p14
Tribe29 Checkmk	=1.6.0-p15
Tribe29 Checkmk	=1.6.0-p16
Tribe29 Checkmk	=1.6.0-p19
Tribe29 Checkmk	=1.6.0-p2
Tribe29 Checkmk	=1.6.0-p20
Tribe29 Checkmk	=1.6.0-p21
Tribe29 Checkmk	=1.6.0-p22
Tribe29 Checkmk	=1.6.0-p23
Tribe29 Checkmk	=1.6.0-p24
Tribe29 Checkmk	=1.6.0-p25
Tribe29 Checkmk	=1.6.0-p26
Tribe29 Checkmk	=1.6.0-p27
Tribe29 Checkmk	=2.0.0
Tribe29 Checkmk	=2.0.0-b1
Tribe29 Checkmk	=2.0.0-b2
Tribe29 Checkmk	=2.0.0-b3
Tribe29 Checkmk	=2.0.0-b4
Tribe29 Checkmk	=2.0.0-b5
Tribe29 Checkmk	=2.0.0-b6
Tribe29 Checkmk	=2.0.0-b7
Tribe29 Checkmk	=2.0.0-b8
Tribe29 Checkmk	=2.0.0-i1
Tribe29 Checkmk	=2.0.0-p1
Tribe29 Checkmk	=2.0.0-p10
Tribe29 Checkmk	=2.0.0-p11
Tribe29 Checkmk	=2.0.0-p12
Tribe29 Checkmk	=2.0.0-p13
Tribe29 Checkmk	=2.0.0-p14
Tribe29 Checkmk	=2.0.0-p15
Tribe29 Checkmk	=2.0.0-p16
Tribe29 Checkmk	=2.0.0-p17
Tribe29 Checkmk	=2.0.0-p18
Tribe29 Checkmk	=2.0.0-p19
Checkmk Checkmk	=1.6.0
Checkmk Checkmk	=1.6.0-b1
Checkmk Checkmk	=1.6.0-b10
Checkmk Checkmk	=1.6.0-b12
Checkmk Checkmk	=1.6.0-b3
Checkmk Checkmk	=1.6.0-b4
Checkmk Checkmk	=1.6.0-b5
Checkmk Checkmk	=1.6.0-b9
Checkmk Checkmk	=1.6.0-p1
Checkmk Checkmk	=1.6.0-p10
Checkmk Checkmk	=1.6.0-p11
Checkmk Checkmk	=1.6.0-p12
Checkmk Checkmk	=1.6.0-p13
Checkmk Checkmk	=1.6.0-p14
Checkmk Checkmk	=1.6.0-p15
Checkmk Checkmk	=1.6.0-p16
Checkmk Checkmk	=1.6.0-p19
Checkmk Checkmk	=1.6.0-p2
Checkmk Checkmk	=1.6.0-p20
Checkmk Checkmk	=1.6.0-p21
Checkmk Checkmk	=1.6.0-p22
Checkmk Checkmk	=1.6.0-p23
Checkmk Checkmk	=1.6.0-p24
Checkmk Checkmk	=1.6.0-p25
Checkmk Checkmk	=1.6.0-p26
Checkmk Checkmk	=1.6.0-p27
Checkmk Checkmk	=2.0.0
Checkmk Checkmk	=2.0.0-b1
Checkmk Checkmk	=2.0.0-b2
Checkmk Checkmk	=2.0.0-b3
Checkmk Checkmk	=2.0.0-b4
Checkmk Checkmk	=2.0.0-b5
Checkmk Checkmk	=2.0.0-b6
Checkmk Checkmk	=2.0.0-b7
Checkmk Checkmk	=2.0.0-b8
Checkmk Checkmk	=2.0.0-i1
Checkmk Checkmk	=2.0.0-p1
Checkmk Checkmk	=2.0.0-p10
Checkmk Checkmk	=2.0.0-p11
Checkmk Checkmk	=2.0.0-p12
Checkmk Checkmk	=2.0.0-p13
Checkmk Checkmk	=2.0.0-p14
Checkmk Checkmk	=2.0.0-p15
Checkmk Checkmk	=2.0.0-p16
Checkmk Checkmk	=2.0.0-p17
Checkmk Checkmk	=2.0.0-p18
Checkmk Checkmk	=2.0.0-p19

Never miss a vulnerability like this again

Reference Links

https://checkmk.com/werk/13717

Frequently Asked Questions

What is CVE-2022-24566?
CVE-2022-24566 is a vulnerability in Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28 that allows for Cross Site Scripting (XSS) through improper escaping of a Predefined condition's title.
How severe is CVE-2022-24566?
CVE-2022-24566 has a severity rating of medium with a CVSS score of 5.4 out of 10.
What software versions are affected by CVE-2022-24566?
CVE-2022-24566 affects Checkmk versions 1.6.0 and 2.0.0, specifically versions up to 1.6.0p19 and 2.0.0p19 respectively.
How can I fix CVE-2022-24566?
To fix CVE-2022-24566, it is recommended to update Checkmk to version 2.0.0p20 or higher for Checkmk 2.0.0, and version 1.6.0p28 or higher for Checkmk 1.6.0.
Where can I find more information about CVE-2022-24566?
You can find more information about CVE-2022-24566 on the official Checkmk website at the following link: [CVE-2022-24566](https://checkmk.com/werk/13717).

collector/nvd-index
agent/type
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/severity
agent/author
agent/references
agent/weakness
agent/description
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/first-publish-date
agent/event
agent/source
vendor/tribe29
canonical/tribe29 checkmk
version/tribe29 checkmk/1.6.0
version/tribe29 checkmk/1.6.0-b1
version/tribe29 checkmk/1.6.0-b10
version/tribe29 checkmk/1.6.0-b12
version/tribe29 checkmk/1.6.0-b3
version/tribe29 checkmk/1.6.0-b4
version/tribe29 checkmk/1.6.0-b5
version/tribe29 checkmk/1.6.0-b9
version/tribe29 checkmk/1.6.0-p1
version/tribe29 checkmk/1.6.0-p10
version/tribe29 checkmk/1.6.0-p11
version/tribe29 checkmk/1.6.0-p12
version/tribe29 checkmk/1.6.0-p13
version/tribe29 checkmk/1.6.0-p14
version/tribe29 checkmk/1.6.0-p15
version/tribe29 checkmk/1.6.0-p16
version/tribe29 checkmk/1.6.0-p19
version/tribe29 checkmk/1.6.0-p2
version/tribe29 checkmk/1.6.0-p20
version/tribe29 checkmk/1.6.0-p21
version/tribe29 checkmk/1.6.0-p22
version/tribe29 checkmk/1.6.0-p23
version/tribe29 checkmk/1.6.0-p24
version/tribe29 checkmk/1.6.0-p25
version/tribe29 checkmk/1.6.0-p26
version/tribe29 checkmk/1.6.0-p27
version/tribe29 checkmk/2.0.0
version/tribe29 checkmk/2.0.0-b1
version/tribe29 checkmk/2.0.0-b2
version/tribe29 checkmk/2.0.0-b3
version/tribe29 checkmk/2.0.0-b4
version/tribe29 checkmk/2.0.0-b5
version/tribe29 checkmk/2.0.0-b6
version/tribe29 checkmk/2.0.0-b7
version/tribe29 checkmk/2.0.0-b8
version/tribe29 checkmk/2.0.0-i1
version/tribe29 checkmk/2.0.0-p1
version/tribe29 checkmk/2.0.0-p10
version/tribe29 checkmk/2.0.0-p11
version/tribe29 checkmk/2.0.0-p12
version/tribe29 checkmk/2.0.0-p13
version/tribe29 checkmk/2.0.0-p14
version/tribe29 checkmk/2.0.0-p15
version/tribe29 checkmk/2.0.0-p16
version/tribe29 checkmk/2.0.0-p17
version/tribe29 checkmk/2.0.0-p18
version/tribe29 checkmk/2.0.0-p19
vendor/checkmk
canonical/checkmk checkmk
version/checkmk checkmk/1.6.0
version/checkmk checkmk/1.6.0-b1
version/checkmk checkmk/1.6.0-b10
version/checkmk checkmk/1.6.0-b12
version/checkmk checkmk/1.6.0-b3
version/checkmk checkmk/1.6.0-b4
version/checkmk checkmk/1.6.0-b5
version/checkmk checkmk/1.6.0-b9
version/checkmk checkmk/1.6.0-p1
version/checkmk checkmk/1.6.0-p10
version/checkmk checkmk/1.6.0-p11
version/checkmk checkmk/1.6.0-p12
version/checkmk checkmk/1.6.0-p13
version/checkmk checkmk/1.6.0-p14
version/checkmk checkmk/1.6.0-p15
version/checkmk checkmk/1.6.0-p16
version/checkmk checkmk/1.6.0-p19
version/checkmk checkmk/1.6.0-p2
version/checkmk checkmk/1.6.0-p20
version/checkmk checkmk/1.6.0-p21
version/checkmk checkmk/1.6.0-p22
version/checkmk checkmk/1.6.0-p23
version/checkmk checkmk/1.6.0-p24
version/checkmk checkmk/1.6.0-p25
version/checkmk checkmk/1.6.0-p26
version/checkmk checkmk/1.6.0-p27
version/checkmk checkmk/2.0.0
version/checkmk checkmk/2.0.0-b1
version/checkmk checkmk/2.0.0-b2
version/checkmk checkmk/2.0.0-b3
version/checkmk checkmk/2.0.0-b4
version/checkmk checkmk/2.0.0-b5
version/checkmk checkmk/2.0.0-b6
version/checkmk checkmk/2.0.0-b7
version/checkmk checkmk/2.0.0-b8
version/checkmk checkmk/2.0.0-i1
version/checkmk checkmk/2.0.0-p1
version/checkmk checkmk/2.0.0-p10
version/checkmk checkmk/2.0.0-p11
version/checkmk checkmk/2.0.0-p12
version/checkmk checkmk/2.0.0-p13
version/checkmk checkmk/2.0.0-p14
version/checkmk checkmk/2.0.0-p15
version/checkmk checkmk/2.0.0-p16
version/checkmk checkmk/2.0.0-p17
version/checkmk checkmk/2.0.0-p18
version/checkmk checkmk/2.0.0-p19