CVE-2023-31210
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Dec 13, 2023
Updated: Jul 23, 2024
CWE ID 427
Summary
CVE-2023-31210 is a vulnerability affecting Checkmk versions 2.2.0p10 to 2.2.0p16. This issue arises from the usage of user-controlled LD_LIBRARY_PATH in the Checkmk agent. Malicious Checkmk site users can exploit this vulnerability by injecting malicious libraries, resulting in escalated privileges. This weakness exposes systems running the affected Checkmk versions to potential security risks, necessitating prompt patching or mitigation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Checkmk
Affected Vendors
- Check MK