CVE-2023-6740 | Checkmk up to 2.0.0p38/2.1.0p36/2.2.0p16 jar_signature Agent Plugin uncontrolled search path

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability was found in Checkmk up to 2.0.0p38/2.1.0p36/2.2.0p16. It has been declared as critical. This vulnerability affects unknown code of the component jar_signature Agent Plugin. The manipulation leads to uncontrolled search path.

This vulnerability was named CVE-2023-6740. Attacking locally is a requirement. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2023-6740 | Checkmk up to 2.0.0p38/2.1.0p36/2.2.0p16 jar_signature Agent Plugin uncontrolled search path

Related Posts

CVE-2024-7484 | CRM Perks Forms Plugin up to 1.1.3 on WordPress unrestricted upload

CVE-2024-1403 | Progress OpenEdge up to 11.7.18/12.2.13/12.8.0 authentication bypass

CVE-2024-31447 | Shopware Security Plugin up to 6.5.8.7/6.6.1.0 on Symfony logout session expiration

CVE-2024-7468 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 3.90 Web Interface list_service_manage.php sslvpn_config_mod template/stylenum os command injection