CVE-2023-22359

Published Jun 26, 2023

Last updated 3 months ago

CVSS medium 4.3

Overview

Description: User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames.
Source: security@checkmk.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.3
Impact score: 1.4
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
security@checkmk.com: CWE-203

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39"
          },
          {
            "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References