CVE-2022-43440
HIGHCheckmk Agent <2.1.0p1-1.6.0p29 - Privilege Escalation
Title source: llmDescription
Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable
References (1)
Scores
CVSS v3
8.8
EPSS
0.0007
EPSS Percentile
20.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Classification
CWE
CWE-427
Status
published
Affected Products (50)
checkmk/checkmk
< 1.6.0
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
... and 35 more
Timeline
Published
Feb 09, 2023
Tracked Since
Feb 18, 2026