Vulnerability Details : CVE-2021-40906
CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts) or to steal the session cookies of a user who has previously authenticated via a man in the middle. Successful exploitation requires access to the web service resource without authentication.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2021-40906
- cpe:2.3:a:tribe29:checkmk:1.6.0b10:*:*:*:*:*:*:*
- cpe:2.3:a:tribe29:checkmk:1.6.0b11:*:*:*:*:*:*:*
- cpe:2.3:a:tribe29:checkmk:1.6.0p10:*:*:*:*:*:*:*
- cpe:2.3:a:tribe29:checkmk:1.6.0p17:*:*:*:*:*:*:*
- cpe:2.3:a:tribe29:checkmk:1.6.0p18:*:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:-:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p1:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p10:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p11:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p12:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p13:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p14:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p15:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p16:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p2:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p3:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p4:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p5:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p6:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p7:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p8:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p9:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:b1:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:b10:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:b12:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:b3:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:b4:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:b5:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:b9:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p19:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p20:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p21:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p22:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p23:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p24:*:*:*:*:*:*
- cpe:2.3:a:checkmk:checkmk:1.6.0:p25:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-40906
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 23 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-40906
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST | |
6.1
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.8
|
2.7
|
NIST |
CWE ids for CVE-2021-40906
-
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-40906
-
https://github.com/Edgarloyola/CVE-2021-40906
GitHub - Edgarloyola/CVE-2021-40906Third Party Advisory
-
http://checkmk.com
Infrastructure & Application Monitoring with CheckmkProduct
Jump to