UBUNTU-CVE-2014-2330
- Source
- https://ubuntu.com/security/CVE-2014-2330
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-2330.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2014-2330
- Upstream
- Withdrawn
- 2025-07-18T16:43:00Z
- Published
- 2015-08-31T18:59:00Z
- Modified
- 2025-07-16T07:31:50.927904Z
- Severity
-
- Ubuntu - medium
- Summary
- [none]
- Details
-
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or possibly have other unspecified impact via unknown vectors.
- References
Affected packages
Ubuntu:14.04:LTS / check-mk
Package
- Name
- check-mk
- Purl
- pkg:deb/ubuntu/check-mk@1.2.2p3-1?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.2.2p3-1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1.2.2p3-1",
"binary_name": "check-mk-agent"
},
{
"binary_version": "1.2.2p3-1",
"binary_name": "check-mk-agent-logwatch"
},
{
"binary_version": "1.2.2p3-1",
"binary_name": "check-mk-config-icinga"
},
{
"binary_version": "1.2.2p3-1",
"binary_name": "check-mk-config-nagios3"
},
{
"binary_version": "1.2.2p3-1",
"binary_name": "check-mk-doc"
},
{
"binary_version": "1.2.2p3-1",
"binary_name": "check-mk-livestatus"
},
{
"binary_version": "1.2.2p3-1",
"binary_name": "check-mk-multisite"
},
{
"binary_version": "1.2.2p3-1",
"binary_name": "check-mk-server"
}
]
}