First published: Mon Jun 26 2023(Updated: )
User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames.
Credit: security@checkmk.com security@checkmk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Tribe29 Checkmk | =2.2.0 | |
Tribe29 Checkmk | =2.2.0-b1 | |
Tribe29 Checkmk | =2.2.0-b2 | |
Tribe29 Checkmk | =2.2.0-b3 | |
Tribe29 Checkmk | =2.2.0-b4 | |
Tribe29 Checkmk | =2.2.0-b5 | |
Tribe29 Checkmk | =2.2.0-b6 | |
Tribe29 Checkmk | =2.2.0-b7 | |
Tribe29 Checkmk | =2.2.0-b8 | |
Tribe29 Checkmk | =2.2.0-i1 | |
Tribe29 Checkmk | =2.2.0-p1 | |
Tribe29 Checkmk | =2.2.0-p2 | |
Tribe29 Checkmk | =2.2.0-p3 | |
Tribe29 Checkmk | =2.2.0-p4 | |
Checkmk Checkmk | =2.2.0 | |
Checkmk Checkmk | =2.2.0-b1 | |
Checkmk Checkmk | =2.2.0-b2 | |
Checkmk Checkmk | =2.2.0-b3 | |
Checkmk Checkmk | =2.2.0-b4 | |
Checkmk Checkmk | =2.2.0-b5 | |
Checkmk Checkmk | =2.2.0-b6 | |
Checkmk Checkmk | =2.2.0-b7 | |
Checkmk Checkmk | =2.2.0-b8 | |
Checkmk Checkmk | =2.2.0-i1 | |
Checkmk Checkmk | =2.2.0-p1 | |
Checkmk Checkmk | =2.2.0-p2 | |
Checkmk Checkmk | =2.2.0-p3 | |
Checkmk Checkmk | =2.2.0-p4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-22359 is a vulnerability in Checkmk <=2.2.0p4 that allows an authenticated attacker to enumerate usernames.
CVE-2023-22359 has a severity rating of medium with a CVSS score of 4.3.
Checkmk versions 2.2.0 up to and including 2.2.0p4 are affected by CVE-2023-22359.
An authenticated attacker can exploit CVE-2023-22359 to enumerate usernames in Checkmk.
Yes, a fix for CVE-2023-22359 is available. It is recommended to update to a version of Checkmk that is not affected by the vulnerability.