{"id":"CVE-2023-31210","details":"Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious libraries","modified":"2026-04-10T04:57:36.019122Z","published":"2023-12-13T09:15:34.080Z","references":[{"type":"ADVISORY","url":"https://checkmk.com/werk/16226"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/checkmk/checkmk","events":[{"introduced":"0"},{"last_affected":"324bd38f5b76f73f236e495af0c9228b65d15528"},{"introduced":"0"},{"last_affected":"0d2681c53226611c965c0d94ff233e497b5a4317"},{"introduced":"0"},{"last_affected":"5cf0476d6b0cba20b3aafb01b187c63a9fda92bd"},{"introduced":"0"},{"last_affected":"5554a04b2c158ae9b0e01ef1b591fe3702ea5ac0"},{"introduced":"0"},{"last_affected":"eda43696c54223b7b5fdcf3f4c3a44ab841061fe"},{"introduced":"0"},{"last_affected":"e5861f0cab1099a17d23657c9ed1054590f5c769"},{"introduced":"0"},{"last_affected":"4cbff4e1a0ac90dc4d91939fc63184a0fcc0c3da"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.2.0-p10"},{"introduced":"0"},{"last_affected":"2.2.0-p11"},{"introduced":"0"},{"last_affected":"2.2.0-p12"},{"introduced":"0"},{"last_affected":"2.2.0-p13"},{"introduced":"0"},{"last_affected":"2.2.0-p14"},{"introduced":"0"},{"last_affected":"2.2.0-p15"},{"introduced":"0"},{"last_affected":"2.2.0-p16"}]}}],"versions":["1.1.0beta17","v1.1.0","v1.1.10","v1.1.10b1","v1.1.10b2","v1.1.11i1","v1.1.11i2","v1.1.11i3","v1.1.13i2","v1.1.13i3","v1.1.2","v1.1.3","v1.1.4","v1.1.6","v1.1.6b2","v1.1.7i2","v1.1.7i3","v1.1.7i4","v1.1.7i5","v1.1.8","v1.1.8b1","v1.1.8b2","v1.1.8b3","v1.1.9i1","v1.1.9i3","v1.1.9i4","v1.1.9i5","v1.1.9i7","v1.1.9i8","v1.1.9i9","v1.2.0b2","v1.2.0b3","v1.2.0b4","v1.2.0p1","v1.2.1i5","v1.2.3i4","v1.2.3i5","v1.2.3i6","v1.2.5i1","v1.2.5i6","v1.4.0i1","v1.4.0i2","v1.4.0i3","v1.5.0i1","v1.5.0i2","v1.5.0i3","v1.6.0b1","v2.0.0i1","v2.2.0","v2.2.0-rc1","v2.2.0b1","v2.2.0b1-rc1","v2.2.0b1-rc2","v2.2.0b2","v2.2.0b2-rc1","v2.2.0b3","v2.2.0b3-rc1","v2.2.0b4","v2.2.0b4-rc1","v2.2.0b5","v2.2.0b5-rc1","v2.2.0b5-rc2","v2.2.0b6","v2.2.0b6-rc1","v2.2.0b7","v2.2.0b7-rc1","v2.2.0b8","v2.2.0b8-rc1","v2.2.0p1","v2.2.0p1-rc1","v2.2.0p10","v2.2.0p10-rc1","v2.2.0p11","v2.2.0p11-rc1","v2.2.0p12","v2.2.0p12-rc1","v2.2.0p13","v2.2.0p13-rc1","v2.2.0p13-rc2","v2.2.0p14","v2.2.0p14-rc1","v2.2.0p14-rc2","v2.2.0p15","v2.2.0p15-rc1","v2.2.0p15-rc2","v2.2.0p16","v2.2.0p16-rc1","v2.2.0p16-rc2","v2.2.0p16-rc3","v2.2.0p2","v2.2.0p2-rc1","v2.2.0p3","v2.2.0p3-rc1","v2.2.0p4","v2.2.0p4-rc1","v2.2.0p4-rc2","v2.2.0p5","v2.2.0p5-rc1","v2.2.0p6","v2.2.0p6-rc1","v2.2.0p6-rc2","v2.2.0p6-rc3","v2.2.0p7","v2.2.0p7-rc1","v2.2.0p8","v2.2.0p8-rc1","v2.2.0p8-rc2","v2.2.0p9","v2.2.0p9-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-31210.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}