Which versions of Check Mk Python Api are affected by CVE-2024-47092?

Organizations using Checkmk Exchange plugin check-mk-api face notable risk from CVE-2024-47092, a insecure deserialization vulnerability rated CVSS 7.7.. A patch is available.

How to fix or mitigate CVE-2024-47092?

Within 7 days: Identify all affected systems running Checkmk Exchange plugin check-mk-api and apply vendor patches promptly. Restrict deserialization to trusted data sources and implement integrity checks.

Check Mk Python Api CVE-2024-47092

Q: What is the CVSS score of CVE-2024-47092?

CVE-2024-47092 has a CVSS 4.0 base score of 7.7 (High). CVSS vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.2%.

HIGH

Deserialization of Untrusted Data (CWE-502)

2025-03-03 security@checkmk.com

Microsoft Deserialization Check Mk Python Api

7.7

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

7.7 HIGH

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:29 vuln.today

Patch released

Mar 28, 2026 - 18:29 nvd

Patch available

CVE Published

Mar 03, 2025 - 14:15 nvd

HIGH 7.7

DescriptionCVE.org

Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api prior to 5.8.1

AnalysisAI

Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api prior to 5.8.1. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Technical ContextAI

This vulnerability is classified as Deserialization of Untrusted Data (CWE-502), which allows attackers to execute arbitrary code through malicious serialized objects. Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api prior to 5.8.1 Affected products include: Heinlein-Support Check Mk Python Api. Version information: prior to 5.8.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Avoid deserializing untrusted data. Use safe serialization formats (JSON). Implement integrity checks and type allowlists.

CVE-2024-47092 vulnerability details – vuln.today

Back