6 matches found
EUVD-2025-4707
Malicious code in bioql PyPI...
CVE-2024-38862 SNMP and IMPI secrets written to audit log
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p18, 2.2.0p35, 2.1.0p48 and =2.0.0p39 EOL causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators...
CVE-2024-38862
The CVE-2024-38862 vulnerability affects Checkmk GmbH’s Checkmk, where versions before 2.3.0p18, 2.2.0p35, 2.1.0p48 and the EOL 2.0.0p39 store SNMP and IMPI secrets of host and folder properties in audit log files that are accessible to administrators. The issue is caused by insertion of sensitiv...
CVE-2024-28830 Automation user secrets written to audit log
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p7, 2.2.0p28, 2.1.0p45 and =2.0.0p39 EOL causes automation user secrets to be written to audit log files accessible to administrators...
Authorization
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions 2.1.0p28 and 2.2.0b8 allows remote authenticated users to read arbitrary hostconfigs...
CVE-2023-22348
CVE-2023-22348 affects Checkmk with improper authorization in the REST API. Versions prior to 2.1.0p28 and prior to 2.2.0b8 allow remote authenticated users to read arbitrary host_configs due to insufficient access checks. Impact is limited to confidentiality (read of host_configs); no integrity/...