CVE-2017-14955

Source
https://cve.org/CVERecord?id=CVE-2017-14955
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-14955.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-14955
Downstream
Published
2017-10-02T01:29:00.390Z
Modified
2026-07-08T05:55:35.375701903Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a GUI crash report.

Database specific
{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:a:checkmk:checkmk:1.2.7:i4:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "1.2.7-i4"
                },
                {
                    "last_affected": "1.2.7-i4"
                }
            ],
            "vendor_product": "checkmk:checkmk",
            "source": "CPE_STRING"
        }
    ]
}
References

Affected packages

Git / github.com/checkmk/checkmk

Affected ranges

Type
GIT
Repo
https://github.com/checkmk/checkmk
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:checkmk:checkmk:1.2.3:i6:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.3:i7:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.4:b1:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.5:i1:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.5:i2:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.5:i3:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.5:i4:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.5:i5:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.5:i6:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.6:b1:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.6:b2:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.6:p13:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.7:i1:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.7:i1p2:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.7:i2:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.7:i3:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.8:p18:*:*:*:*:*:*",
        "cpe:2.3:a:checkmk:checkmk:1.2.8:p25:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "1.2.3-i6"
        },
        {
            "last_affected": "1.2.3-i6"
        },
        {
            "introduced": "1.2.3-i7"
        },
        {
            "last_affected": "1.2.3-i7"
        },
        {
            "introduced": "1.2.4-b1"
        },
        {
            "last_affected": "1.2.4-b1"
        },
        {
            "introduced": "1.2.5-i1"
        },
        {
            "last_affected": "1.2.5-i1"
        },
        {
            "introduced": "1.2.5-i2"
        },
        {
            "last_affected": "1.2.5-i2"
        },
        {
            "introduced": "1.2.5-i3"
        },
        {
            "last_affected": "1.2.5-i3"
        },
        {
            "introduced": "1.2.5-i4"
        },
        {
            "last_affected": "1.2.5-i4"
        },
        {
            "introduced": "1.2.5-i5"
        },
        {
            "last_affected": "1.2.5-i5"
        },
        {
            "introduced": "1.2.5-i6"
        },
        {
            "last_affected": "1.2.5-i6"
        },
        {
            "introduced": "1.2.6-b1"
        },
        {
            "last_affected": "1.2.6-b1"
        },
        {
            "introduced": "1.2.6-b2"
        },
        {
            "last_affected": "1.2.6-b2"
        },
        {
            "introduced": "1.2.6-p13"
        },
        {
            "last_affected": "1.2.6-p13"
        },
        {
            "introduced": "1.2.7-i1"
        },
        {
            "last_affected": "1.2.7-i1"
        },
        {
            "introduced": "1.2.7-i1p2"
        },
        {
            "last_affected": "1.2.7-i1p2"
        },
        {
            "introduced": "1.2.7-i2"
        },
        {
            "last_affected": "1.2.7-i2"
        },
        {
            "introduced": "1.2.7-i3"
        },
        {
            "last_affected": "1.2.7-i3"
        },
        {
            "introduced": "1.2.8-p18"
        },
        {
            "last_affected": "1.2.8-p18"
        },
        {
            "introduced": "1.2.8-p25"
        },
        {
            "last_affected": "1.2.8-p25"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

1.*
1.2.3-i6
1.2.3-i7
1.2.4-b1
1.2.5-i1
1.2.5-i2
1.2.5-i3
1.2.5-i4
1.2.5-i5
1.2.5-i6
1.2.6-b1
1.2.6-b2
1.2.6-p13
1.2.7-i1
1.2.7-i1p2
1.2.7-i2
1.2.7-i3
1.2.8-p18
1.2.8-p25
v1.*
v1.2.3i6
v1.2.5i1
v1.2.5i6
v1.2.8
v1.2.8b1
v1.2.8b10
v1.2.8b11
v1.2.8b12
v1.2.8b13
v1.2.8b2
v1.2.8b3
v1.2.8b4
v1.2.8b5
v1.2.8b6
v1.2.8b7
v1.2.8b8
v1.2.8b9
v1.2.8p1
v1.2.8p10
v1.2.8p11
v1.2.8p12
v1.2.8p13
v1.2.8p14
v1.2.8p15
v1.2.8p16
v1.2.8p17
v1.2.8p18
v1.2.8p19
v1.2.8p2
v1.2.8p20
v1.2.8p21
v1.2.8p22
v1.2.8p23
v1.2.8p24
v1.2.8p25
v1.2.8p3
v1.2.8p4
v1.2.8p5
v1.2.8p6
v1.2.8p7
v1.2.8p8
v1.2.8p9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-14955.json"