2 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-64998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exposure of session signing secret in Checkmk 2.4.0p23, 2.3.0p45 and 2.2.0 allows an administrator of a remote site with config sync enabled to hijack sessions ...
CVE-2025-64998
CVE-2025-64998 affects Checkmk versions prior to 2.4.0p23, 2.3.0p45, and 2.2.0. The issue is the exposure of the session signing secret in distributed Checkmk deployments with config sync enabled, enabling an administrator on a remote site to forge session cookies and hijack sessions on the centr...