CVE-2024-6572

MEDIUM Year: 2024
CVSS v3 Score
7.4
High
Weakness Type
CWE-322
View all →

Vulnerability Description

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 (EOL) allows man-in-the-middle attackers to intercept traffic

Related Vulnerabilities

CVE-2021-34433

HIGH
CVSS:7.5(High)

In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based (x509 and RPK) DTLS handshakes accidentally succeeds without verifying the server side's signature on the ...

CWE-3222021

CVE-2024-7516

HIGH
CVSS:7.1(High)

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SS...

CWE-3222024

CVE-2024-4871

MEDIUM
CVSS:6.8(Medium)

A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the key changes, the Satellite still connects it because it uses "-...

CWE-3222024

CVE-2024-47519

HIGH
CVSS:8.3(High)

Backup uploads to ETM subject to man-in-the-middle interception

CWE-3222024

CVE-2024-47519

HIGH
CVSS:8.3(High)

Backup uploads to ETM subject to man-in-the-middle interception

CWE-3222024

CVE-2021-34433

HIGH
CVSS:7.5(High)

In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based (x509 and RPK) DTLS handshakes accidentally succeeds without verifying the server side's signature on the ...

CWE-3222021