CVE-2024-13723

The CVE-2024-13723 issue affects the NagVis component bundled with Checkmk. Affected: NagVis/Checkmk prior to remediation versions. Root cause: an authenticated admin can upload a crafted map configuration (e.g., exploit.cfg) via the Map module’s import path, bypassing validation, then manipulate...

CVE-2024-13723

The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated attacker with administrative level privileges is able to upload a malicious PHP file and modify specific settings to execute the contents of the file as PHP...

Checkmk NagVis Remote Code Execution

Vulnerability Details Affected Vendor: Checkmk Affected Product: Checkmk/NagVis Affected Version: Checkmk 2.3.0p2, NagVis 1.9.40 Platform: GNU/Linux CWE Classification: CWE-434: Unrestricted Upload of File with Dangerous Type CVE ID: CVE-2024-13723 2. Vulnerability Description The "NagVis"...

PT-2025-2258 · Checkmk +1 · Checkmk Nagvis +1

Name of the Vulnerable Software and Affected Versions: Checkmk NagVis component affected versions not specified Description: The NagVis component within Checkmk is vulnerable to reflected cross-site scripting. An attacker can craft a malicious link that will execute arbitrary JavaScript in the...

PT-2025-2259 · Nagvis +2 · Nagvis +2

Name of the Vulnerable Software and Affected Versions: Checkmk affected versions not specified Description: The issue concerns the "NagVis" component within Checkmk, which is susceptible to remote code execution. An authenticated attacker with administrative level privileges can upload a maliciou...

Checkmk NagVis Reflected Cross-site Scripting

Vulnerability Details Affected Vendor: Checkmk Affected Product: Checkmk/NagVis Affected Version: Checkmk 2.3.0p2, NagVis 1.9.40 Platform: GNU/Linux CWE Classification: CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CVE ID: CVE-2024-13722 2...

CVE-2024-38864

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

CVE-2024-38864

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

CVE-2024-38864 User-Readable Private Key in Windows Agent

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

CVE-2024-38864 User-Readable Private Key in Windows Agent

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

CVE-2024-38864

CVE-2024-38864 concerns incorrect permissions on the Checkmk Windows Agent data directory, allowing a local attacker to read sensitive data. Affected are Checkmk Windows Agent implementations prior to 2.3.0p23, prior to 2.2.0p38, and earlier than or equal to 2.1.0p49 (EOL). The issue is local and...

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk that stems from incorrect permissions on the Checkmk Windows Agent data directory, allowing a local attacker to read sensitive data...

PT-2024-28245 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p23 Checkmk versions prior to 2.2.0p38 Checkmk versions prior to or equal to 2.1.0p49 Description: The issue is related to incorrect permissions on the Checkmk Windows Agent's data directory, allowing a local...

CVE-2024-47094

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p22, 2.2.0p37, 2.1.0p50 EOL causes remote site secrets to be written to web log files accessible to local site users...

CVE-2024-47094

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p22, 2.2.0p37, 2.1.0p50 EOL causes remote site secrets to be written to web log files accessible to local site users...

UBUNTU-CVE-2024-47094

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p22, 2.2.0p37, 2.1.0p50 EOL causes remote site secrets to be written to web log files accessible to local site users...

CVE-2024-47094 Logging of sitesecret to automations log

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p22, 2.2.0p37, 2.1.0p50 EOL causes remote site secrets to be written to web log files accessible to local site users...

CVE-2024-47094 Logging of sitesecret to automations log

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p22, 2.2.0p37, 2.1.0p50 EOL causes remote site secrets to be written to web log files accessible to local site users...

CVE-2024-47094

CVE-2024-47094 affects Checkmk versions <2.3.0p22, <2.2.0p37, and

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. Checkmk has a security vulnerability that originated when confidential information from a remote site was written to a web log file, causing sensitive information to be disclosed and other security issues...