CVE-2024-38859
published 2024-08-26CVE-2024-38859: XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 (EOL) allowed malicious users to…
PriorityP428medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.42%
33.6th percentile
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 (EOL) allowed malicious users to execute arbitrary scripts by injecting HTML elements into the SLA column title. These scripts could be executed when the view page was cloned by other users.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| checkmk | checkmk | — | — |
| checkmk | checkmk | — | — |
| checkmk | checkmk | — | — |
| checkmk | checkmk | — | — |
| checkmk_gmbh | checkmk | 2.0.0 – 2.0.0p39 | — |
| checkmk_gmbh | checkmk | >= 2.1.0 < 2.1.0p47 | 2.1.0p47 |
| checkmk_gmbh | checkmk | >= 2.2.0 < 2.2.0p33 | 2.2.0p33 |
| checkmk_gmbh | checkmk | >= 2.3.0 < 2.3.0p14 | 2.3.0p14 |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv4.04.8MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
osv4.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5554-3cr8-7rwc: XSS in the view page with the SLA column configured in Checkmk versions prior to 2
ghsa_unreviewed·2024-08-26
CVE-2024-38859 [MEDIUM] CWE-79 GHSA-5554-3cr8-7rwc: XSS in the view page with the SLA column configured in Checkmk versions prior to 2
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 (EOL) allowed malicious users to execute arbitrary scripts by injecting HTML elements into the SLA column title. These scripts could be executed when the view page was cloned by other users.
OSV
CVE-2024-38859: XSS in the view page with the SLA column configured in Checkmk versions prior to 2
osv·2024-08-26·CVSS 4.8
CVE-2024-38859 [MEDIUM] CVE-2024-38859: XSS in the view page with the SLA column configured in Checkmk versions prior to 2
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 (EOL) allowed malicious users to execute arbitrary scripts by injecting HTML elements into the SLA column title. These scripts could be executed when the view page was cloned by other users.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-08-26
Published