CVE-2024-38863
CVSS V2 None
CVSS V3 None
Description
Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks.
Overview
- CVE ID
- CVE-2024-38863
- Assigner
- Checkmk
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-10-14T07:19:07.625Z
- Last Modified Date
- 2024-10-14T15:34:11.188Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://checkmk.com/werk/17096 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-38863 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38863 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-10-15 13:29:41 | Added to TrackCVE |