CVE-2024-3367
MEDIUMCheckmk <2.2.0p26,<2.3.0b5 - Command Injection
Title source: llmDescription
Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p26 and <2.3.0b5 allows local attacker to inject one argument to runmqsc
References (1)
Scores
CVSS v3
6.5
EPSS
0.0010
EPSS Percentile
27.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
Classification
CWE
CWE-88
Status
published
Affected Products (41)
checkmk/checkmk
< 2.0.0
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
checkmk/checkmk
... and 26 more
Timeline
Published
Apr 16, 2024
Tracked Since
Feb 18, 2026