Test ID:	1.3.6.1.4.1.25623.1.0.126755
Category:	Privilege escalation
Title:	Checkmk < 2.1.0p41, 2.2.x < 2.2.0p24, 2.3.x < 2.3.0b4 Multiple Privilege Escalation Vulnerabilities
Summary:	Checkmk is prone to multiple privilege escalation; vulnerabilities.
Description:	Summary: Checkmk is prone to multiple privilege escalation vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2024-0638: The agent plugins mk_oracle, mk_oracle.ps1 and mk_oracle_crs were vulnerable to privilege escalation to root by the oracle user. A malicious oracle user could replace a binary (e.g. sqlplus) with another script and put it in the corresponding directory. The script would be executed by the root user. - CVE-2024-28824: The informix database monitoring plugin would previously eval statements parsed from $INFORMIXDIR/bin/onstat. Since the plugin is usually run as root, this could cause statements injected in $INFORMIXDIR/bin/onstat to be run as root as well. By adding scripts named the same as other functionality found in $PATH to $INFORMIXDIR/bin, $PATH functionality could also be overshadowed and the custom executed as root. Finally, $INFORMIXDIR/bin/onstat would be executed as root, allowing a substituted script to be run with elevated privileges. Affected Software/OS: Checkmk versions prior to 2.1.0p41, 2.2.x prior to 2.2.0p24 and 2.3.x prior to 2.3.0b4. Solution: Update to version 2.1.0p41, 2.2.0p24, 2.3.0b4 or later. CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-0638 https://checkmk.com/werk/16232 Common Vulnerability Exposure (CVE) ID: CVE-2024-28824 https://checkmk.com/werk/16198
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.