CVE-2023-31210

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 13, 2023

Updated: Jul 23, 2024

CWE ID 427

Summary

CVE-2023-31210 is a vulnerability affecting Checkmk versions 2.2.0p10 to 2.2.0p16. This issue arises from the usage of user-controlled LD_LIBRARY_PATH in the Checkmk agent. Malicious Checkmk site users can exploit this vulnerability by injecting malicious libraries, resulting in escalated privileges. This weakness exposes systems running the affected Checkmk versions to potential security risks, necessitating prompt patching or mitigation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Checkmk

Affected Vendors

Check MK

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tyewMJ
https://www.cve.org/CVERecord?id=CVE-2023-31210
https://nvd.nist.gov/vuln/detail/CVE-2023-31210

Back to Vulnerability Database