CVE-2022-33912
First published: Fri Jun 17 2022(Updated: )
A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Packages created by the agent bakery (enterprise editions only) were not affected. Using the shipped version of the agents, the maintainer scripts located at /var/lib/dpkg/info/ will be owned by the user and the group with ID 1001. If such a user exists on the system, they can change the content of these files (which are then executed by root). This leads to a local privilege escalation on the monitored host. Version 1.6 through 1.6.9p29, version 2.0 through 2.0.0p26, version 2.1 through 2.1.0p3, and version 2.2.0i1 are affected.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Checkmk NagVis | =1.6.0 | |
| Checkmk NagVis | =1.6.0-b1 | |
| Checkmk NagVis | =1.6.0-b10 | |
| Checkmk NagVis | =1.6.0-b12 | |
| Checkmk NagVis | =1.6.0-b3 | |
| Checkmk NagVis | =1.6.0-b4 | |
| Checkmk NagVis | =1.6.0-b5 | |
| Checkmk NagVis | =1.6.0-b9 | |
| Checkmk NagVis | =1.6.0-p1 | |
| Checkmk NagVis | =1.6.0-p10 | |
| Checkmk NagVis | =1.6.0-p11 | |
| Checkmk NagVis | =1.6.0-p12 | |
| Checkmk NagVis | =1.6.0-p13 | |
| Checkmk NagVis | =1.6.0-p14 | |
| Checkmk NagVis | =1.6.0-p15 | |
| Checkmk NagVis | =1.6.0-p16 | |
| Checkmk NagVis | =1.6.0-p19 | |
| Checkmk NagVis | =1.6.0-p2 | |
| Checkmk NagVis | =1.6.0-p20 | |
| Checkmk NagVis | =1.6.0-p21 | |
| Checkmk NagVis | =1.6.0-p22 | |
| Checkmk NagVis | =1.6.0-p23 | |
| Checkmk NagVis | =1.6.0-p24 | |
| Checkmk NagVis | =1.6.0-p25 | |
| Checkmk NagVis | =1.6.0-p26 | |
| Checkmk NagVis | =1.6.0-p27 | |
| Checkmk NagVis | =1.6.0-p28 | |
| Checkmk NagVis | =1.6.0-p29 | |
| Checkmk NagVis | =1.6.0b10 | |
| Checkmk NagVis | =1.6.0b11 | |
| Checkmk NagVis | =2.0.0 | |
| Checkmk NagVis | =2.0.0-b1 | |
| Checkmk NagVis | =2.0.0-b2 | |
| Checkmk NagVis | =2.0.0-b3 | |
| Checkmk NagVis | =2.0.0-b4 | |
| Checkmk NagVis | =2.0.0-b5 | |
| Checkmk NagVis | =2.0.0-b6 | |
| Checkmk NagVis | =2.0.0-b7 | |
| Checkmk NagVis | =2.0.0-b8 | |
| Checkmk NagVis | =2.0.0-p1 | |
| Checkmk NagVis | =2.0.0-p10 | |
| Checkmk NagVis | =2.0.0-p11 | |
| Checkmk NagVis | =2.0.0-p12 | |
| Checkmk NagVis | =2.0.0-p13 | |
| Checkmk NagVis | =2.0.0-p14 | |
| Checkmk NagVis | =2.0.0-p15 | |
| Checkmk NagVis | =2.0.0-p16 | |
| Checkmk NagVis | =2.0.0-p17 | |
| Checkmk NagVis | =2.0.0-p18 | |
| Checkmk NagVis | =2.0.0-p19 | |
| Checkmk NagVis | =2.0.0-p2 | |
| Checkmk NagVis | =2.0.0-p20 | |
| Checkmk NagVis | =2.0.0-p21 | |
| Checkmk NagVis | =2.0.0-p22 | |
| Checkmk NagVis | =2.0.0-p23 | |
| Checkmk NagVis | =2.0.0-p24 | |
| Checkmk NagVis | =2.0.0-p25 | |
| Checkmk NagVis | =2.0.0-p26 | |
| Checkmk NagVis | =2.1.0-b1 | |
| Checkmk NagVis | =2.1.0-b2 | |
| Checkmk NagVis | =2.1.0-b3 | |
| Checkmk NagVis | =2.1.0-b4 | |
| Checkmk NagVis | =2.1.0-b5 | |
| Checkmk NagVis | =2.1.0-b6 | |
| Checkmk NagVis | =2.1.0-b7 | |
| Checkmk NagVis | =2.1.0-b8 | |
| Checkmk NagVis | =2.1.0-b9 | |
| Checkmk NagVis | =2.1.0-p1 | |
| Checkmk NagVis | =2.1.0-p2 | |
| Checkmk NagVis | =2.1.0-p3 | |
| Checkmk NagVis | =2.2.0-i1 | |
| Checkmk NagVis | =1.6.0 | |
| Checkmk NagVis | =1.6.0-b1 | |
| Checkmk NagVis | =1.6.0-b10 | |
| Checkmk NagVis | =1.6.0-b12 | |
| Checkmk NagVis | =1.6.0-b3 | |
| Checkmk NagVis | =1.6.0-b4 | |
| Checkmk NagVis | =1.6.0-b5 | |
| Checkmk NagVis | =1.6.0-b9 | |
| Checkmk NagVis | =1.6.0-p1 | |
| Checkmk NagVis | =1.6.0-p10 | |
| Checkmk NagVis | =1.6.0-p11 | |
| Checkmk NagVis | =1.6.0-p12 | |
| Checkmk NagVis | =1.6.0-p13 | |
| Checkmk NagVis | =1.6.0-p14 | |
| Checkmk NagVis | =1.6.0-p15 | |
| Checkmk NagVis | =1.6.0-p16 | |
| Checkmk NagVis | =1.6.0-p19 | |
| Checkmk NagVis | =1.6.0-p2 | |
| Checkmk NagVis | =1.6.0-p20 | |
| Checkmk NagVis | =1.6.0-p21 | |
| Checkmk NagVis | =1.6.0-p22 | |
| Checkmk NagVis | =1.6.0-p23 | |
| Checkmk NagVis | =1.6.0-p24 | |
| Checkmk NagVis | =1.6.0-p25 | |
| Checkmk NagVis | =1.6.0-p26 | |
| Checkmk NagVis | =1.6.0-p27 | |
| Checkmk NagVis | =1.6.0-p28 | |
| Checkmk NagVis | =1.6.0-p29 | |
| Checkmk NagVis | =2.0.0 | |
| Checkmk NagVis | =2.0.0-b1 | |
| Checkmk NagVis | =2.0.0-b2 | |
| Checkmk NagVis | =2.0.0-b3 | |
| Checkmk NagVis | =2.0.0-b4 | |
| Checkmk NagVis | =2.0.0-b5 | |
| Checkmk NagVis | =2.0.0-b6 | |
| Checkmk NagVis | =2.0.0-b7 | |
| Checkmk NagVis | =2.0.0-b8 | |
| Checkmk NagVis | =2.0.0-p1 | |
| Checkmk NagVis | =2.0.0-p10 | |
| Checkmk NagVis | =2.0.0-p11 | |
| Checkmk NagVis | =2.0.0-p12 | |
| Checkmk NagVis | =2.0.0-p13 | |
| Checkmk NagVis | =2.0.0-p14 | |
| Checkmk NagVis | =2.0.0-p15 | |
| Checkmk NagVis | =2.0.0-p16 | |
| Checkmk NagVis | =2.0.0-p17 | |
| Checkmk NagVis | =2.0.0-p18 | |
| Checkmk NagVis | =2.0.0-p19 | |
| Checkmk NagVis | =2.0.0-p2 | |
| Checkmk NagVis | =2.0.0-p20 | |
| Checkmk NagVis | =2.0.0-p21 | |
| Checkmk NagVis | =2.0.0-p22 | |
| Checkmk NagVis | =2.0.0-p23 | |
| Checkmk NagVis | =2.0.0-p24 | |
| Checkmk NagVis | =2.0.0-p25 | |
| Checkmk NagVis | =2.0.0-p26 | |
| Checkmk NagVis | =2.1.0-b1 | |
| Checkmk NagVis | =2.1.0-b2 | |
| Checkmk NagVis | =2.1.0-b3 | |
| Checkmk NagVis | =2.1.0-b4 | |
| Checkmk NagVis | =2.1.0-b5 | |
| Checkmk NagVis | =2.1.0-b6 | |
| Checkmk NagVis | =2.1.0-b7 | |
| Checkmk NagVis | =2.1.0-b8 | |
| Checkmk NagVis | =2.1.0-b9 | |
| Checkmk NagVis | =2.1.0-p1 | |
| Checkmk NagVis | =2.1.0-p2 | |
| Checkmk NagVis | =2.1.0-p3 | |
| Checkmk NagVis | =2.2.0-i1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-33912?
CVE-2022-33912 has been classified with a medium severity level.
How do I fix CVE-2022-33912?
To fix CVE-2022-33912, ensure that you upgrade to a secure version of the Checkmk software that addresses the permission issues.
Who is affected by CVE-2022-33912?
CVE-2022-33912 affects users who deployed the shipped version of the Checkmk Debian package.
What versions of Checkmk are vulnerable to CVE-2022-33912?
CVE-2022-33912 impacts Checkmk versions 1.6.0 through subsequent revisions including 2.0.0 and 2.1.0.
Are Checkmk agent bakery packages affected by CVE-2022-33912?
No, packages created by the agent bakery are not affected by CVE-2022-33912.
- agent/type
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/description
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/tribe29
- canonical/checkmk nagvis
- version/checkmk nagvis/1.6.0
- version/checkmk nagvis/1.6.0-b1
- version/checkmk nagvis/1.6.0-b10
- version/checkmk nagvis/1.6.0-b12
- version/checkmk nagvis/1.6.0-b3
- version/checkmk nagvis/1.6.0-b4
- version/checkmk nagvis/1.6.0-b5
- version/checkmk nagvis/1.6.0-b9
- version/checkmk nagvis/1.6.0-p1
- version/checkmk nagvis/1.6.0-p10
- version/checkmk nagvis/1.6.0-p11
- version/checkmk nagvis/1.6.0-p12
- version/checkmk nagvis/1.6.0-p13
- version/checkmk nagvis/1.6.0-p14
- version/checkmk nagvis/1.6.0-p15
- version/checkmk nagvis/1.6.0-p16
- version/checkmk nagvis/1.6.0-p19
- version/checkmk nagvis/1.6.0-p2
- version/checkmk nagvis/1.6.0-p20
- version/checkmk nagvis/1.6.0-p21
- version/checkmk nagvis/1.6.0-p22
- version/checkmk nagvis/1.6.0-p23
- version/checkmk nagvis/1.6.0-p24
- version/checkmk nagvis/1.6.0-p25
- version/checkmk nagvis/1.6.0-p26
- version/checkmk nagvis/1.6.0-p27
- version/checkmk nagvis/1.6.0-p28
- version/checkmk nagvis/1.6.0-p29
- version/checkmk nagvis/1.6.0b10
- version/checkmk nagvis/1.6.0b11
- version/checkmk nagvis/2.0.0
- version/checkmk nagvis/2.0.0-b1
- version/checkmk nagvis/2.0.0-b2
- version/checkmk nagvis/2.0.0-b3
- version/checkmk nagvis/2.0.0-b4
- version/checkmk nagvis/2.0.0-b5
- version/checkmk nagvis/2.0.0-b6
- version/checkmk nagvis/2.0.0-b7
- version/checkmk nagvis/2.0.0-b8
- version/checkmk nagvis/2.0.0-p1
- version/checkmk nagvis/2.0.0-p10
- version/checkmk nagvis/2.0.0-p11
- version/checkmk nagvis/2.0.0-p12
- version/checkmk nagvis/2.0.0-p13
- version/checkmk nagvis/2.0.0-p14
- version/checkmk nagvis/2.0.0-p15
- version/checkmk nagvis/2.0.0-p16
- version/checkmk nagvis/2.0.0-p17
- version/checkmk nagvis/2.0.0-p18
- version/checkmk nagvis/2.0.0-p19
- version/checkmk nagvis/2.0.0-p2
- version/checkmk nagvis/2.0.0-p20
- version/checkmk nagvis/2.0.0-p21
- version/checkmk nagvis/2.0.0-p22
- version/checkmk nagvis/2.0.0-p23
- version/checkmk nagvis/2.0.0-p24
- version/checkmk nagvis/2.0.0-p25
- version/checkmk nagvis/2.0.0-p26
- version/checkmk nagvis/2.1.0-b1
- version/checkmk nagvis/2.1.0-b2
- version/checkmk nagvis/2.1.0-b3
- version/checkmk nagvis/2.1.0-b4
- version/checkmk nagvis/2.1.0-b5
- version/checkmk nagvis/2.1.0-b6
- version/checkmk nagvis/2.1.0-b7
- version/checkmk nagvis/2.1.0-b8
- version/checkmk nagvis/2.1.0-b9
- version/checkmk nagvis/2.1.0-p1
- version/checkmk nagvis/2.1.0-p2
- version/checkmk nagvis/2.1.0-p3
- version/checkmk nagvis/2.2.0-i1
- vendor/checkmk