CVE-2024-28824

Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.0 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://checkmk.com/werk/16198

Configurations

No configuration.

History

No history.

Information

Published : 2024-03-22 11:15

Updated : 2024-03-22 12:45

NVD link : CVE-2024-28824

Mitre link : CVE-2024-28824

CVE.ORG link : CVE-2024-28824

JSON object : View

Products Affected

No product.

CWE

CWE-272

Least Privilege Violation

CWE-807

Reliance on Untrusted Inputs in a Security Decision

8.8 /10