CVE-2023-22288

CVSS V2 None CVSS V3 None
Description
HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emails
Overview
  • CVE ID
  • CVE-2023-22288
  • Assigner
  • security@checkmk.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-03-20T16:15:13
  • Last Modified Date
  • 2023-03-23T18:37:25
Weakness Enumerations
CWE URL
CWE-79 http://cwe.mitre.org/data/definitions/79.html
CWE-138 http://cwe.mitre.org/data/definitions/138.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:* 1 OR 1.6.0 2.0.0
cpe:2.3:a:tribe29:checkmk:2.0.0:-:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p30:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p31:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p32:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p33:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p34:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:* 1 OR
cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:* 1 OR
References
Reference URL Reference Tags
https://checkmk.com/werk/15069 Vendor Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-22288
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22288
History
Created Old Value New Value Data Type Notes
2023-04-17 03:00:39 Added to TrackCVE
2023-04-17 03:00:43 Weakness Enumeration new