Arbitrary Command Execution in Checkmk's RestAPI due to Improper Sanitization
CVE-2024-38865
6 MEDIUM
Summary
The Checkmk RestAPI is vulnerable to unauthorized execution of arbitrary livestatus commands because command delimiters in user-supplied input are not properly neutralized. The flaw is present in specific endpoints. It can be exploited by an attacker who holds a user account assigned to a contact group, provided the malicious event originates either from a host in the same contact group or from an event generated for an unknown host. Successful exploitation could allow unauthorized manipulation and execution of commands, compromising the integrity of the monitoring system.
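As an added illustration of the delimiter-neutralization issue described above (example code, not from Checkmk or this advisory), the snippet below assumes the Nagios-style livestatus command line format "COMMAND [timestamp] NAME;arg;arg", one command per newline-terminated line. It places a naive builder beside one that refuses delimiter characters, plus a helper that counts how many command lines a socket would actually receive.

```python
import re
from typing import Sequence

# Livestatus commands are line-oriented: one "COMMAND [ts] NAME;arg;..." per line.
# The format is assumed here (Nagios external-command style), not quoted from the page.
_LINE_DELIMITERS = re.compile(r"[\r\n\x00]")


def build_command_unsafe(name: str, args: Sequence[str], ts: int) -> str:
    """Naive builder: concatenates caller input without neutralising delimiters.
    A newline inside any field starts a second command line."""
    return f"COMMAND [{ts}] {name};" + ";".join(args) + "\n"


def build_command(name: str, args: Sequence[str], ts: int) -> str:
    """Hardened builder: rejects fields that could end the line or shift positions."""
    if not re.fullmatch(r"[A-Z_]+", name):
        raise ValueError(f"invalid command name: {name!r}")
    for i, arg in enumerate(args):
        if _LINE_DELIMITERS.search(arg):
            raise ValueError(f"argument {i} contains a line delimiter")
        # Only the trailing free-text field (e.g. a comment) may contain ';'
        # (assumption about the format: the last field absorbs the rest).
        if i < len(args) - 1 and ";" in arg:
            raise ValueError(f"argument {i} contains a field delimiter")
    return f"COMMAND [{ts}] {name};" + ";".join(args) + "\n"


def rejects(name: str, args: Sequence[str], ts: int = 0) -> bool:
    """True if the hardened builder refuses this input."""
    try:
        build_command(name, args, ts)
    except ValueError:
        return True
    return False


def count_commands(payload: str) -> int:
    """How many separate COMMAND lines a livestatus socket would parse from payload."""
    return sum(1 for line in payload.splitlines() if line.startswith("COMMAND "))
```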
Affected Version(s)
Checkmk 2.3.0 < 2.3.0p25
Checkmk 2.2.0 < 2.2.0p39
Checkmk 2.1.0 <= 2.1.0p50
CVSS V4
Score: 6
Severity: MEDIUM
Confidentiality: None
Integrity: Low
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None
Timeline
Vulnerability published
Vulnerability Reserved