CVE-2022-46303 Information

Description

Command injection in SMS notifications in Tribe29 Checkmk <= 2.1.0p10 Checkmk <= 2.0.0p27 and Checkmk <= 1.6.0p29 allows an attacker with User Management permissions as well as LDAP administrators in certain scenarios to perform arbitrary commands within the context of the application’s local permissions.

Reference

https://checkmk.com/werk/14381