Unrated severityNVD Advisory· Published Aug 31, 2015· Updated May 6, 2026

CVE-2014-2330

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or possibly have other unspecified impact via unknown vectors.

Affected products

Check Mk Project/Check Mk
cpe:2.3:a:check_mk_project:check_mk:*:*:*:*:*:*:*:*
Range: <=1.2.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

mathias-kettner.de/check_mk_werks.phpnvdVendor Advisory
www.securityfocus.com/archive/1/531594nvd
www.securityfocus.com/bid/66389nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000