1445 matches found
CVE-2025-58121
Insufficient permission validation on multiple REST API endpoints in Checkmk 2.2.0, 2.3.0, and 2.4.0 before version 2.4.0p16 allows low-privileged users to perform unauthorized actions or obtain sensitive information...
CVE-2025-58122
Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or information disclosure...
UBUNTU-CVE-2025-58121
Insufficient permission validation on multiple REST API endpoints in Checkmk 2.2.0, 2.3.0, and 2.4.0 before version 2.4.0p16 allows low-privileged users to perform unauthorized actions or obtain sensitive information...
UBUNTU-CVE-2025-64996
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mkinotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification ...
UBUNTU-CVE-2025-58122
Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or information disclosure...
CVE-2025-58121 Insufficient permission validation on multiple REST API endpoints
Insufficient permission validation on multiple REST API endpoints in Checkmk 2.2.0, 2.3.0, and 2.4.0 before version 2.4.0p16 allows low-privileged users to perform unauthorized actions or obtain sensitive information...
CVE-2025-58121 Insufficient permission validation on multiple REST API endpoints
Insufficient permission validation on multiple REST API endpoints in Checkmk 2.2.0, 2.3.0, and 2.4.0 before version 2.4.0p16 allows low-privileged users to perform unauthorized actions or obtain sensitive information...
CVE-2025-58121
CVE-2025-58121 involves insufficient permission validation on multiple REST API endpoints in Checkmk, affecting versions 2.2.0, 2.3.0 and 2.4.0 prior to 2.4.0p16. The issue allows low-privilege users to perform unauthorized actions or access sensitive information. Remediation: upgrade to Checkmk ...
CVE-2025-58122 Insufficient permission validation when configuring notification parameters
Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or information disclosure...
CVE-2025-58122 Insufficient permission validation when configuring notification parameters
Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or information disclosure...
CVE-2025-58122
CVE-2025-58122 affects Checkmk 2.4.0 prior to 2.4.0p16. The root cause is insufficient permission validation in the REST API, allowing low-privilege users to modify notification parameters and potentially cause unauthorized actions or information disclosure. Impact is limited to the described una...
CVE-2025-64996
Checkmk vulnerable component: mk_inotify plugin. Affected in versions before 2.4.0p16, 2.3.0p41, and all 2.2.0 and older. The plugin creates world-readable/writable files, allowing any local user to read its output and modify it, potentially leading to unauthorized access to or modification of mo...
CVE-2025-64996 Overly broad file permissions in the mk_inotify plugin allows reading and manipulating the plugin's output
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mkinotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification ...
CVE-2025-64996 Overly broad file permissions in the mk_inotify plugin allows reading and manipulating the plugin's output
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mkinotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification ...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions 2.2.0, 2.3.0, and 2.4.0 up to and including 2.4.0p16, which stems from insufficient validation of REST API endpoint privileges and could lead to unauthorized actions or information disclosu...
PT-2025-47325
Name of the Vulnerable Software and Affected Versions Checkmk versions prior to 2.4.0p16 Description A flaw exists in Checkmk where inadequate permission checks allow users with limited privileges to alter notification settings through the REST API. This could potentially result in unauthorized...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk version 2.4.0 up to and including 2.4.0p16, which stems from insufficient privilege validation and could lead to unauthorized operation or information disclosure...
PT-2025-47324
Name of the Vulnerable Software and Affected Versions Checkmk versions 2.2.0, 2.3.0, and 2.4.0 through 2.4.0p15 Description Improper permission checks on several REST API endpoints in the software permit users with limited privileges to execute actions they should not be authorized to perform or...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions prior to 2.4.0p16, prior to 2.3.0p41, and all versions 2.2.0 and prior, which stems from the mkinotify plugin creating globally readable and writable files that could lead to unauthorized...
PT-2025-47328
Name of the Vulnerable Software and Affected Versions Checkmk versions prior to 2.4.0p16 Checkmk versions prior to 2.3.0p41 Checkmk versions 2.2.0 and older Description The mk inotify plugin creates files that are world-readable and writable. This allows any local user on the system to read the...