{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "1.2.8" }, { "introduced": "0" }, { "last_affected": "1.2.8-b1" }, { "introduced": "0" }, { "last_affected": "1.2.8-b10" }, { "introduced": "0" }, { "last_affected": "1.2.8-b11" }, { "introduced": "0" }, { "last_affected": "1.2.8-b2" }, { "introduced": "0" }, { "last_affected": "1.2.8-b3" }, { "introduced": "0" }, { "last_affected": "1.2.8-b4" }, { "introduced": "0" }, { "last_affected": "1.2.8-b5" }, { "introduced": "0" }, { "last_affected": "1.2.8-b6" }, { "introduced": "0" }, { "last_affected": "1.2.8-b7" }, { "introduced": "0" }, { "last_affected": "1.2.8-b8" }, { "introduced": "0" }, { "last_affected": "1.2.8-b9" }, { "introduced": "0" }, { "last_affected": "1.2.8-p1" }, { "introduced": "0" }, { "last_affected": "1.2.8-p10" }, { "introduced": "0" }, { "last_affected": "1.2.8-p11" }, { "introduced": "0" }, { "last_affected": "1.2.8-p12" }, { "introduced": "0" }, { "last_affected": "1.2.8-p13" }, { "introduced": "0" }, { "last_affected": "1.2.8-p14" }, { "introduced": "0" }, { "last_affected": "1.2.8-p15" }, { "introduced": "0" }, { "last_affected": "1.2.8-p16" }, { "introduced": "0" }, { "last_affected": "1.2.8-p17" }, { "introduced": "0" }, { "last_affected": "1.2.8-p18" }, { "introduced": "0" }, { "last_affected": "1.2.8-p19" }, { "introduced": "0" }, { "last_affected": "1.2.8-p2" }, { "introduced": "0" }, { "last_affected": "1.2.8-p20" }, { "introduced": "0" }, { "last_affected": "1.2.8-p21" }, { "introduced": "0" }, { "last_affected": "1.2.8-p22" }, { "introduced": "0" }, { "last_affected": "1.2.8-p23" }, { "introduced": "0" }, { "last_affected": "1.2.8-p24" }, { "introduced": "0" }, { "last_affected": "1.2.8-p25" }, { "introduced": "0" }, { "last_affected": "1.2.8-p3" }, { "introduced": "0" }, { "last_affected": "1.2.8-p4" }, { "introduced": "0" }, { "last_affected": "1.2.8-p5" }, { "introduced": "0" }, { "last_affected": "1.2.8-p6" }, { "introduced": "0" }, { "last_affected": "1.2.8-p7" }, { "introduced": "0" }, { "last_affected": "1.2.8-p8" }, { "introduced": "0" }, { "last_affected": "1.2.8-p9" }, { "introduced": "0" }, { "last_affected": "1.4.0" }, { "introduced": "0" }, { "last_affected": "1.4.0-b1" }, { "introduced": "0" }, { "last_affected": "1.4.0-b2" }, { "introduced": "0" }, { "last_affected": "1.4.0-b3" }, { "introduced": "0" }, { "last_affected": "1.4.0-b4" }, { "introduced": "0" }, { "last_affected": "1.4.0-b5" }, { "introduced": "0" }, { "last_affected": "1.4.0-b6" }, { "introduced": "0" }, { "last_affected": "1.4.0-b7" }, { "introduced": "0" }, { "last_affected": "1.4.0-b8" }, { "introduced": "0" }, { "last_affected": "1.4.0-b9" }, { "introduced": "0" }, { "last_affected": "1.4.0-p1" }, { "introduced": "0" }, { "last_affected": "1.4.0-p2" }, { "introduced": "0" }, { "last_affected": "1.4.0-p3" }, { "introduced": "0" }, { "last_affected": "1.4.0-p4" }, { "introduced": "0" }, { "last_affected": "1.4.0-p5" }, { "introduced": "0" }, { "last_affected": "1.4.0-p6" }, { "introduced": "0" }, { "last_affected": "1.4.0-p7" }, { "introduced": "0" }, { "last_affected": "1.4.0-p8" }, { "introduced": "0" }, { "last_affected": "1.4.0-p9" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "43a36d6f930612dddca5f389212004b50c663e30" }, { "introduced": "0" }, { "last_affected": "951ef0f3251db139b1630954f529076de68f2e45" }, { "introduced": "0" }, { "last_affected": "a5387f48d2c8d75dcf5913991fa6368beb1547db" }, { "introduced": "0" }, { "last_affected": "9c96426d4a9ba19e56b0a7c89046b52a190491f2" }, { "introduced": "0" }, { "last_affected": "047bb3e7dedd2c42fb773883e34b04578c84b47f" }, { "introduced": "0" }, { "last_affected": "7c878ef940aeffc33580f73773eb1faf485b2c65" }, { "introduced": "0" }, { "last_affected": "4a2fb425774fbdbfd0539c283c60c4e0fc16c041" }, { "introduced": "0" }, { "last_affected": "dbcaa28f8a56538404167315640f61787f82ab40" }, { "introduced": "0" }, { "last_affected": "0c160e4c91b176074a6ea50472cf67c2fbd4c8d8" }, { "introduced": "0" }, { "last_affected": "2473fb54370651ea994b804a5f41beead9fee745" }, { "introduced": "0" }, { "last_affected": "c1da9b0460ba8a04db25091676793a421c305b78" }, { "introduced": "0" }, { "last_affected": "c169bb24ec1bd0b9b3e31cfdea971ebf8b85f5cb" }, { "introduced": "0" }, { "last_affected": "951ef0f3251db139b1630954f529076de68f2e45" }, { "introduced": "0" }, { "last_affected": "a5387f48d2c8d75dcf5913991fa6368beb1547db" }, { "introduced": "0" }, { "last_affected": "9c96426d4a9ba19e56b0a7c89046b52a190491f2" }, { "introduced": "0" }, { "last_affected": "3c29aef2d31dc88288d13fa393a7d42d2e8aa986" }, { "introduced": "0" }, { "last_affected": "c38313c695ad15013d1629778d52f137466183dd" }, { "introduced": "0" }, { "last_affected": "37daaffaf5d5d5e7fce84ac8576058f59bc65c6c" }, { "introduced": "0" }, { "last_affected": "b1a95330a8b75fdddc4e18e8450ad7bfadc28b25" }, { "introduced": "0" }, { "last_affected": "accce2f1029ba750f914699bd5c6db0334ed1069" }, { "introduced": "0" }, { "last_affected": "a33ce3201a7e1d8379d8cb1500d0c40f8527b6d9" }, { "introduced": "0" }, { "last_affected": "bdbf9d6f199d66ead89d8b74f2cc2a0e0c52d4ca" }, { "introduced": "0" }, { "last_affected": "5a48e8f68b4b8e22e7dc15125ac01b2e818df6b0" }, { "introduced": "0" }, { "last_affected": "047bb3e7dedd2c42fb773883e34b04578c84b47f" }, { "introduced": "0" }, { "last_affected": "b2cebe33687c214d5a5decb26b7a489b4ffdf0c8" }, { "introduced": "0" }, { "last_affected": "e48c02484ddce8f9af91fbdfea9d7f83b2e1fc68" }, { "introduced": "0" }, { "last_affected": "99f0a015d773a26af6a6fd71521a1d402e02892f" }, { "introduced": "0" }, { "last_affected": "d90ec721c3e3310181439b3ff0ef72d1199339cc" }, { "introduced": "0" }, { "last_affected": "7b96b1be4a4c7e8234ba11731f8c4bba5660a036" }, { "introduced": "0" }, { "last_affected": "7587c8acc9c3c1dd4913eb832e32149c507efc66" }, { "introduced": "0" }, { "last_affected": "7c878ef940aeffc33580f73773eb1faf485b2c65" }, { "introduced": "0" }, { "last_affected": "4a2fb425774fbdbfd0539c283c60c4e0fc16c041" }, { "introduced": "0" }, { "last_affected": "dbcaa28f8a56538404167315640f61787f82ab40" }, { "introduced": "0" }, { "last_affected": "0c160e4c91b176074a6ea50472cf67c2fbd4c8d8" }, { "introduced": "0" }, { "last_affected": "2473fb54370651ea994b804a5f41beead9fee745" }, { "introduced": "0" }, { "last_affected": "c1da9b0460ba8a04db25091676793a421c305b78" }, { "introduced": "0" }, { "last_affected": "c169bb24ec1bd0b9b3e31cfdea971ebf8b85f5cb" }, { "introduced": "0" }, { "last_affected": "3144d0a38c9ff1b290ae6f4489c5df34a2daaf65" }, { "introduced": "0" }, { "last_affected": "dd45ab44d88b2a38ec9e37e6d19fec999312fabb" }, { "introduced": "0" }, { "last_affected": "1d698351348d44f9d6fc8fb544e27512f649ec5c" }, { "introduced": "0" }, { "last_affected": "eef06912863fa3c80ed61721e9df1f4c16fd45de" }, { "introduced": "0" }, { "last_affected": "a688860baea6809d303bc7dc4c833b48ecc1f4e0" }, { "introduced": "0" }, { "last_affected": "b2fba42409c49b7ac589ce84301ce659b9373349" }, { "introduced": "0" }, { "last_affected": "1b5a7662e6e7020bc8078156fc5cc31080ca95e1" }, { "introduced": "0" }, { "last_affected": "93c708f9b40ec66ea6420689e2028e299023ffb9" }, { "introduced": "0" }, { "last_affected": "922e81cd68fcf1f4b9db6c829c1483377c5795d5" }, { "introduced": "0" }, { "last_affected": "2c508a7e8192d1335d8ea4b90ad9bad8f842a607" }, { "introduced": "0" }, { "last_affected": "dd45ab44d88b2a38ec9e37e6d19fec999312fabb" }, { "introduced": "0" }, { "last_affected": "1d698351348d44f9d6fc8fb544e27512f649ec5c" }, { "introduced": "0" }, { "last_affected": "eef06912863fa3c80ed61721e9df1f4c16fd45de" }, { "introduced": "0" }, { "last_affected": "a688860baea6809d303bc7dc4c833b48ecc1f4e0" }, { "introduced": "0" }, { "last_affected": "b2fba42409c49b7ac589ce84301ce659b9373349" }, { "introduced": "0" }, { "last_affected": "1b5a7662e6e7020bc8078156fc5cc31080ca95e1" }, { "introduced": "0" }, { "last_affected": "93c708f9b40ec66ea6420689e2028e299023ffb9" }, { "introduced": "0" }, { "last_affected": "922e81cd68fcf1f4b9db6c829c1483377c5795d5" }, { "introduced": "0" }, { "last_affected": "2c508a7e8192d1335d8ea4b90ad9bad8f842a607" } ], "repo": "https://github.com/tribe29/checkmk", "type": "GIT" } ] } ], "details": "A cross site scripting (XSS) vulnerability exists in Check_MK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker to inject arbitrary HTML or JavaScript via the output_format parameter, and the username parameter of failed HTTP basic authentication attempts, which is returned unencoded in an internal server error page.", "id": "CVE-2017-11507", "modified": "2026-03-13T21:52:12.835129557Z", "published": "2017-12-11T16:29:00.203Z", "references": [ { "type": "ADVISORY", "url": "http://mathias-kettner.com/check_mk_werks.php?werk_id=7661" }, { "type": "EVIDENCE", "url": "https://www.tenable.com/security/research/tra-2017-20" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "type": "CVSS_V3" } ] }