CVE-2014-2332 Information

Description

Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link related to \Insecure Direct Object References.\ NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.

Reference

http://www.securityfocus.com/archive/1/531594 http://www.securityfocus.com/archive/1/531656