CVE-2022-4884

Description

Path-Traversal in MKP storing in Tribe29 Checkmk <=2.0.0p32 and <= 2.1.0p18 allows an administrator to write mkp files to arbitrary locations via a malicious mkp file.

CVSS Version 3.1

nvd

CVE ID: CVE-2022-4884
Base Score: 4.9
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Impact Score: 3.6
Exploitability Score: 1.2

checkmk

CVE ID: CVE-2022-4884
Base Score: 3.5
Base Severity: LOW
Vector String:CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L
Impact Score: 2.5
Exploitability Score: 0.9

Refrence: NVDMITRE