CVE-2024-38863
UNKNOWN
Published 2024-10-14T07:19:07.625Z
Actions:
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2024-38863. We'll provide specific mitigation strategies based on your environment and risk profile.
No CVSS data available
Description
Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
Affected Products
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
⚠ Unreviewed
LOW
GHSA-wvvr-rxq8-c379
Advisory Details
Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks.
CVSS Scoring
CVSS Score
2.5
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References
Advisory provided by GitHub Security Advisory Database. Published: October 14, 2024, Modified: December 3, 2024
References
Published: 2024-10-14T07:19:07.625Z
Last Modified: 2024-10-14T15:34:11.188Z
Copied to clipboard!