Known Vulnerabilities for Checkmk by Tribe29
Listed below are 9 of the newest known vulnerabilities associated with "Checkmk" by "Tribe29".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33276 | Stored cross-site scripting (XSS) in Checkmk 2.5.0 (beta) before 2.5.0b2 allows authenticated users with permission to create... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2026-24096 | Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 (beta) before version 2.5.0b2 ... | Not Provided | 2026-04-01 | 2026-04-01 |
| CVE-2026-20915 | Stored cross-site scripting (XSS) in Checkmk version 2.5.0 (beta) before 2.5.0b2 allows authenticated users with permission t... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2022-24566 | In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not ... | 5.4 - MEDIUM | 2022-02-24 | 2022-03-02 |
| CVE-2022-24565 | Checkmk <=2.0.0p19 Fixed in 2.0.0p20 and Checkmk <=1.6.0p27 Fixed in 1.6.0p28 are affected by a Cross Site Scripting (XSS) vu... | 5.4 - MEDIUM | 2022-02-24 | 2022-03-02 |
| CVE-2022-24564 | Checkmk <=2.0.0p19 contains a Cross Site Scripting (XSS) vulnerability. While creating or editing a user attribute, the Help ... | 6.1 - MEDIUM | 2022-02-21 | 2022-03-02 |
| CVE-2021-40906 | CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an u... | 6.1 - MEDIUM | 2022-03-25 | 2022-04-04 |
| CVE-2021-40905 | ** DISPUTED ** The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitis... | 8.8 - HIGH | 2022-03-25 | 2023-11-07 |
| CVE-2021-40904 | The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a misconfiguration of the web-app Dokuwiki... | 8.8 - HIGH | 2022-03-25 | 2022-04-04 |
| CVE-2020-28919 | A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x prior to 1.6.0p19 allows an authenticated remote attacker... | 5.4 - MEDIUM | 2022-01-15 | 2022-01-21 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Tribe29 | Checkmk | 1.6.0 | p4 | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | - | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | b1 | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | b10 | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | b12 | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | b3 | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | b4 | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | b5 | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | b9 | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | p1 | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | p2 | All | All |
| Application | Tribe29 | Checkmk | 1.6.0 | p3 | All | All |
| Application | Tribe29 | Checkmk | 1.5.0 | p8 | All | All |
| Application | Tribe29 | Checkmk | 1.5.0 | b1 | All | All |
| Application | Tribe29 | Checkmk | 1.5.0 | b2 | All | All |
| Application | Tribe29 | Checkmk | 1.5.0 | b9 | All | All |
| Application | Tribe29 | Checkmk | 1.5.0 | i1 | All | All |
| Application | Tribe29 | Checkmk | 1.5.0 | i2 | All | All |
| Application | Tribe29 | Checkmk | 1.5.0 | i3 | All | All |
| Application | Tribe29 | Checkmk | 1.5.0 | i4 | All | All |