CVE-2023-1768

Published: Apr 4, 2023Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Inappropriate error handling in Tribe29 Checkmk <= 2.1.0p25, <= 2.0.0p34, <= 2.2.0b3 (beta), and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and transmit the data in plaintext in certain configurations.

Affected (135)

Products: Checkmk: Checkmk · Tribe29: Checkmk

1 product

1 product

Configuration A

135 vulnerable

Vulnerable Software	Affected Versions
Checkmk Checkmk	Version 1.6.0
Checkmk Checkmk	Version 1.6.0 b10
Checkmk Checkmk	Version 1.6.0 b11
Checkmk Checkmk	Version 1.6.0 b12
Checkmk Checkmk	Version 1.6.0 b1
Checkmk Checkmk	Version 1.6.0 b2
Checkmk Checkmk	Version 1.6.0 b3
Checkmk Checkmk	Version 1.6.0 b4
Checkmk Checkmk	Version 1.6.0 b5
Checkmk Checkmk	Version 1.6.0 b6
Checkmk Checkmk	Version 1.6.0 b7
Checkmk Checkmk	Version 1.6.0 b8
Checkmk Checkmk	Version 1.6.0 b9
Checkmk Checkmk	Version 1.6.0 p10
Checkmk Checkmk	Version 1.6.0 p11
Checkmk Checkmk	Version 1.6.0 p12
Checkmk Checkmk	Version 1.6.0 p13
Checkmk Checkmk	Version 1.6.0 p14
Checkmk Checkmk	Version 1.6.0 p15
Checkmk Checkmk	Version 1.6.0 p16
Checkmk Checkmk	Version 1.6.0 p17
Checkmk Checkmk	Version 1.6.0 p18
Checkmk Checkmk	Version 1.6.0 p19
Checkmk Checkmk	Version 1.6.0 p1
Checkmk Checkmk	Version 1.6.0 p20
Checkmk Checkmk	Version 1.6.0 p21
Checkmk Checkmk	Version 1.6.0 p22
Checkmk Checkmk	Version 1.6.0 p23
Checkmk Checkmk	Version 1.6.0 p24
Checkmk Checkmk	Version 1.6.0 p25
Checkmk Checkmk	Version 1.6.0 p26
Checkmk Checkmk	Version 1.6.0 p27
Checkmk Checkmk	Version 1.6.0 p28
Checkmk Checkmk	Version 1.6.0 p29
Checkmk Checkmk	Version 1.6.0 p2
Checkmk Checkmk	Version 1.6.0 p3
Checkmk Checkmk	Version 1.6.0 p4
Checkmk Checkmk	Version 1.6.0 p5
Checkmk Checkmk	Version 1.6.0 p6
Checkmk Checkmk	Version 1.6.0 p7
Checkmk Checkmk	Version 1.6.0 p8
Checkmk Checkmk	Version 1.6.0 p9
Checkmk Checkmk	Version 2.0.0
Checkmk Checkmk	Version 2.0.0 b1
Checkmk Checkmk	Version 2.0.0 b2
Checkmk Checkmk	Version 2.0.0 b3
Checkmk Checkmk	Version 2.0.0 b4
Checkmk Checkmk	Version 2.0.0 b5
Checkmk Checkmk	Version 2.0.0 b6
Checkmk Checkmk	Version 2.0.0 b7
Checkmk Checkmk	Version 2.0.0 b8
Checkmk Checkmk	Version 2.0.0 i1
Checkmk Checkmk	Version 2.0.0 p10
Checkmk Checkmk	Version 2.0.0 p11
Checkmk Checkmk	Version 2.0.0 p12
Checkmk Checkmk	Version 2.0.0 p13
Checkmk Checkmk	Version 2.0.0 p14
Checkmk Checkmk	Version 2.0.0 p15
Checkmk Checkmk	Version 2.0.0 p16
Checkmk Checkmk	Version 2.0.0 p17
Checkmk Checkmk	Version 2.0.0 p18
Checkmk Checkmk	Version 2.0.0 p19
Checkmk Checkmk	Version 2.0.0 p1
Checkmk Checkmk	Version 2.0.0 p20
Checkmk Checkmk	Version 2.0.0 p21
Checkmk Checkmk	Version 2.0.0 p22
Checkmk Checkmk	Version 2.0.0 p23
Checkmk Checkmk	Version 2.0.0 p24
Checkmk Checkmk	Version 2.0.0 p25
Checkmk Checkmk	Version 2.0.0 p26
Checkmk Checkmk	Version 2.0.0 p27
Checkmk Checkmk	Version 2.0.0 p28
Checkmk Checkmk	Version 2.0.0 p29
Checkmk Checkmk	Version 2.0.0 p2
Checkmk Checkmk	Version 2.0.0 p30
Checkmk Checkmk	Version 2.0.0 p31
Checkmk Checkmk	Version 2.0.0 p32
Checkmk Checkmk	Version 2.0.0 p33
Checkmk Checkmk	Version 2.0.0 p34
Checkmk Checkmk	Version 2.0.0 p3
Checkmk Checkmk	Version 2.0.0 p4
Checkmk Checkmk	Version 2.0.0 p5
Checkmk Checkmk	Version 2.0.0 p6
Checkmk Checkmk	Version 2.0.0 p7
Checkmk Checkmk	Version 2.0.0 p8
Checkmk Checkmk	Version 2.0.0 p9
Checkmk Checkmk	Version 2.1.0
Checkmk Checkmk	Version 2.1.0 b1
Checkmk Checkmk	Version 2.1.0 b2
Checkmk Checkmk	Version 2.1.0 b3
Checkmk Checkmk	Version 2.1.0 b4
Checkmk Checkmk	Version 2.1.0 b5
Checkmk Checkmk	Version 2.1.0 b6
Checkmk Checkmk	Version 2.1.0 b7
Checkmk Checkmk	Version 2.1.0 b8
Checkmk Checkmk	Version 2.1.0 b9
Checkmk Checkmk	Version 2.1.0 p10
Checkmk Checkmk	Version 2.1.0 p11
Checkmk Checkmk	Version 2.1.0 p12
Checkmk Checkmk	Version 2.1.0 p13
Checkmk Checkmk	Version 2.1.0 p14
Checkmk Checkmk	Version 2.1.0 p15
Checkmk Checkmk	Version 2.1.0 p16
Checkmk Checkmk	Version 2.1.0 p17
Checkmk Checkmk	Version 2.1.0 p18
Checkmk Checkmk	Version 2.1.0 p1
Checkmk Checkmk	Version 2.1.0 p20
Checkmk Checkmk	Version 2.1.0 p21
Checkmk Checkmk	Version 2.1.0 p22
Checkmk Checkmk	Version 2.1.0 p23
Checkmk Checkmk	Version 2.1.0 p24
Checkmk Checkmk	Version 2.1.0 p25
Checkmk Checkmk	Version 2.1.0 p2
Checkmk Checkmk	Version 2.1.0 p3
Checkmk Checkmk	Version 2.1.0 p4
Checkmk Checkmk	Version 2.1.0 p5
Checkmk Checkmk	Version 2.1.0 p6
Checkmk Checkmk	Version 2.1.0 p7
Checkmk Checkmk	Version 2.1.0 p8
Checkmk Checkmk	Version 2.1.0 p9
Checkmk Checkmk	Version 2.2.0
Checkmk Checkmk	Version 2.2.0 b1
Checkmk Checkmk	Version 2.2.0 b2
Checkmk Checkmk	Version 2.2.0 b3
Tribe29 Checkmk	Version 1.6.0b10
Tribe29 Checkmk	Version 1.6.0b11
Tribe29 Checkmk	Version 1.6.0p10
Tribe29 Checkmk	Version 1.6.0p11
Tribe29 Checkmk	Version 1.6.0p12
Tribe29 Checkmk	Version 1.6.0p13
Tribe29 Checkmk	Version 1.6.0p14
Tribe29 Checkmk	Version 1.6.0p15
Tribe29 Checkmk	Version 1.6.0p16
Tribe29 Checkmk	Version 1.6.0p17
Tribe29 Checkmk	Version 1.6.0p18

Related CWEs

CWE-446

UI Discrepancy for Security Feature

The user interface does not correctly enable or configure a security feature, but the interface provides feedback that causes the user to believe that the feature is in a secure state.

References (2)

https://checkmk.com/werk/15423

Source: security@checkmk.com

PatchVendor Advisory

https://checkmk.com/werk/15423

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.