Skip to main content

Checkmk

90 CVEs product

Monthly

CVE-2026-14852 MEDIUM PATCH This Month

Privilege escalation in Checkmk's mk_sap_hana agent plugin allows a local unprivileged user to execute arbitrary commands as root by planting a process whose name mimics a SAP HANA instance. The plugin, when running as root under the RUNAS=agent configuration and lacking explicit database configuration, blindly reads the OS process list to derive SAP HANA instance identifiers and injects them unsanitized into a shell command executed with root privileges - a textbook CWE-78 OS command injection. No public exploit code or CISA KEV listing exists at time of analysis, but the attack prerequisites are achievable on any misconfigured Checkmk deployment that monitors SAP environments.

Privilege Escalation SAP Command Injection Checkmk
NVD
CVSS 4.0
5.2
EPSS
0.2%
CVE-2026-9549 MEDIUM PATCH This Month

Stored cross-site scripting in Checkmk's service discovery active check output allows a high-privileged administrator to inject persistent malicious HTML or JavaScript that executes in the browsers of other administrators or users with host read permissions when they run checks on the service discovery page. Affected versions span all currently maintained branches: Checkmk below 2.5.0p5, below 2.4.0p31, below 2.3.0p48, and all 2.2.0 releases with no patch for that branch. No public exploit has been identified at time of analysis and the vulnerability is absent from CISA KEV, but the stored nature of the XSS and its targeting of privileged user sessions make it a meaningful lateral-privilege and session-compromise vector within Checkmk deployments.

XSS Checkmk
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-8833 HIGH PATCH This Week

Stored/reflected cross-site scripting in Checkmk monitoring platform versions prior to 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 releases allows authenticated users to bypass URL validation by leveraging HTML-encoded characters, enabling injection of javascript: URIs that execute in another user's browser session. The CVSS 4.0 score of 8.5 reflects the high impact on confidentiality, integrity, and availability when a victim interacts with a crafted link, though no public exploit identified at time of analysis and the issue requires both low-privilege authentication and user interaction.

XSS Checkmk
NVD VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-8078 MEDIUM PATCH This Month

Stored cross-site scripting in Checkmk's global settings change log enables a high-privileged administrator to persist malicious HTML or JavaScript within changelog messages, which then executes silently in the browsers of other authenticated users who view the Activate Changes page or Audit log. Affected versions span all 2.2.0 releases and builds prior to 2.5.0p5, 2.4.0p31, and 2.3.0p48. No active exploitation is confirmed (not listed in CISA KEV), and no public exploit code has been identified at time of analysis; however, the insider-threat angle - an already-privileged admin targeting peer users - is the realistic concern here.

XSS Checkmk
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-7765 MEDIUM PATCH This Month

Incorrect authorization in Checkmk's User Messages dashboard widget exposes the dashboard creator's personal messages to any party possessing a valid public dashboard share token. The message-fetching endpoints resolve messages using the dashboard creator's identity rather than the requesting party's identity, meaning that direct API calls with a share token return the issuer's private messages regardless of whether the User Messages widget is actually present on the shared dashboard. All Checkmk deployments running versions prior to 2.5.0p5 that use the public dashboard sharing feature are affected. No public exploit has been identified and the vulnerability is not listed in CISA KEV at time of analysis.

Authentication Bypass Checkmk
NVD VulDB
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-7186 HIGH PATCH This Week

Stored cross-site scripting in Checkmk monitoring platform allows a low-privileged user with dashboard editing rights to embed a javascript: URI inside the URL dashboard widget, which then executes in the browser of any other user viewing that dashboard. The flaw affects Checkmk versions prior to 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 releases, and carries a CVSS 4.0 score of 8.5 due to the high confidentiality and integrity impact achievable against higher-privileged operators. No public exploit identified at time of analysis, but the prerequisite (dashboard edit permission) is commonly granted to operations staff.

XSS Checkmk
NVD VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-33457 MEDIUM PATCH This Month

Livestatus command injection in Checkmk prediction graph page allows authenticated users to execute arbitrary Livestatus commands by injecting malicious service name parameters due to insufficient input sanitization. Affected versions include Checkmk 2.3.0 before p47, 2.4.0 before p26, and 2.5.0 before b4. The vulnerability requires valid authentication credentials to exploit and results in limited confidentiality, integrity, and availability impact within the Livestatus subsystem.

Code Injection Checkmk
NVD VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-33456 MEDIUM PATCH This Month

Livestatus injection in Checkmk's notification test mode allows authenticated users with high privileges to inject arbitrary Livestatus commands via crafted service descriptions in versions prior to 2.5.0b4 and 2.4.0p26. The vulnerability has a CVSS score of 5.1 with limited confidentiality and integrity impact, requiring high-privilege authentication. No public exploit code or active exploitation has been confirmed at time of analysis.

Code Injection Checkmk
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-33455 MEDIUM PATCH This Month

Livestatus injection in Checkmk's monitoring quicksearch function allows authenticated attackers to inject arbitrary livestatus commands through insufficiently sanitized search query parameters in versions prior to 2.5.0b4. The vulnerability requires valid authentication credentials and enables low-impact information disclosure and limited integrity/availability changes within the monitoring system. No public exploit code or active exploitation has been reported at time of analysis.

Code Injection Checkmk
NVD VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-39666 CRITICAL PATCH Act Now

Local privilege escalation in Checkmk allows site users with high privileges to escalate to root by manipulating site context files processed by the root-executed 'omd' administrative command. Affects Checkmk 2.2.0 (EOL), 2.3.0 before p46, 2.4.0 before p25, and 2.5.0 beta before b3. No public exploit identified at time of analysis. CVSS 9.3 reflects total technical impact, but SSVC assessment indicates non-automatable exploitation requiring existing high-privilege access, tempering the real-world urgency for organizations with strict site user access controls.

Privilege Escalation Checkmk
NVD
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-3466 HIGH PATCH This Week

Stored cross-site scripting in Checkmk dashboard dashlet title links enables authenticated attackers with dashboard creation privileges to execute malicious JavaScript in victims' browsers when they click crafted dashlet links on shared dashboards. Affects Checkmk 2.2.0 (EOL), 2.3.0 before p46, 2.4.0 before p25, and 2.5.0 beta before b3. Vendor-released patches are available for all supported versions. EPSS score of 0.05% (14th percentile) indicates low predicted exploitation probability, and no public exploit identified at time of analysis, though CVSS 8.5 reflects the high impact of successful exploitation (complete confidentiality, integrity, and availability compromise in victim context).

XSS Checkmk
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-24096 MEDIUM PATCH This Month

Insufficient permission validation in Checkmk REST API Quick Setup endpoints allows low-privileged authenticated users to perform unauthorized administrative actions or access sensitive information in versions 2.5.0 beta before 2.5.0b2 and 2.4.0 before 2.4.0p25. The vulnerability stems from missing authorization checks that fail to enforce role-based access control on multiple API endpoints, enabling privilege escalation within the monitoring platform.

Information Disclosure Checkmk
NVD VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-20915 HIGH PATCH This Week

Stored cross-site scripting (XSS) in Checkmk 2.5.0 beta allows authenticated users with pending change permissions to inject malicious JavaScript into the Pending Changes sidebar, executing in the browsers of other users who view that sidebar. This vulnerability affects the beta release 2.5.0 before version 2.5.0b2 and requires existing user authentication with specific permissions to exploit.

XSS Checkmk
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-33276 HIGH PATCH This Week

Stored cross-site scripting (XSS) in Checkmk 2.5.0 beta versions before 2.5.0b2 allows authenticated users with host or service creation permissions to inject malicious JavaScript that executes in the browsers of other users when they perform searches via the Unified Search feature, potentially enabling session hijacking, credential theft, or administrative account compromise.

XSS Checkmk
NVD
CVSS 4.0
8.6
EPSS
0.0%
CVE-2025-64998 HIGH PATCH This Week

Checkmk exposes its session signing secret in configurations synchronized between remote and central sites, allowing a remote site administrator to forge valid session cookies and hijack user sessions on the central monitoring instance. This vulnerability affects Checkmk versions prior to 2.4.0p23, 2.3.0p45, and all 2.2.0 releases when configuration synchronization is enabled. An attacker with administrative privileges on a remote Checkmk site can leverage this exposure to impersonate any user, including central site administrators, potentially gaining complete control over the monitoring infrastructure.

Information Disclosure Checkmk
NVD VulDB
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-2859 MEDIUM PATCH This Month

Checkmk contains an improper permission enforcement vulnerability in the deploy_agent endpoint that allows unauthenticated users to enumerate existing hosts by analyzing differential HTTP response codes, resulting in information disclosure. The vulnerability affects Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and end-of-life version 2.2.0, with a CVSS score of 6.3 indicating moderate severity. An attacker with network access can passively discover the infrastructure topology without authentication, though no known active exploitation or public POC has been confirmed at this time.

Information Disclosure Checkmk
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2026-24097 MEDIUM PATCH This Month

Checkmk contains an improper permission enforcement vulnerability in the agent-receiver/register_existing endpoint that allows authenticated users to enumerate existing hosts by observing differential HTTP response codes, enabling information disclosure. This affects Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and the end-of-life 2.2.0 branch. While not currently listed as actively exploited in known vulnerability catalogs, the low CVSS score of 5.3 reflects limited confidentiality impact and the requirement for prior authentication, though the straightforward nature of the enumeration technique presents moderate real-world risk.

Information Disclosure Checkmk
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-3103 MEDIUM This Month

Data loss in Checkmk versions before 2.4.0p23, 2.3.0p43, and 2.2.0 results from a logic error in the remove_password() function that allows low-privileged users to delete sensitive information. An authenticated attacker can exploit this vulnerability to cause unintended data loss without requiring user interaction. No patch is currently available for affected deployments.

Authentication Bypass Checkmk
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-64999 MEDIUM This Month

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link. [CVSS 5.4 MEDIUM]

XSS Checkmk
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-64996 MEDIUM Monitor

In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files, allowing any local user on the system to read. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Checkmk
NVD
CVSS 4.0
4.8
EPSS
0.0%
CVE-2025-58122 MEDIUM This Month

Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-58121 MEDIUM This Month

Insufficient permission validation on multiple REST API endpoints in Checkmk 2.2.0, 2.3.0, and 2.4.0 before version 2.4.0p16 allows low-privileged users to perform unauthorized actions or obtain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-32918 HIGH PATCH This Week

A security vulnerability in autocomplete endpoint within the RestAPI of Checkmk (CVSS 8.8) that allows an authenticated user. High severity vulnerability requiring prompt remediation.

Code Injection Ubuntu Debian Checkmk
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-32915 MEDIUM Monitor

Packages downloaded by Checkmk's automatic agent updates on Linux and Solaris have incorrect permissions in Checkmk < 2.4.0p1, < 2.3.0p32, < 2.2.0p42 and <= 2.1.0p49 (EOL). Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
4.3
EPSS
0.1%
CVE-2025-1712 HIGH This Month

Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Checkmk
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2025-32917 MEDIUM This Month

Privilege escalation in jar_signature agent plugin in Checkmk versions <2.4.0b7 (beta), <2.3.0p32, <2.2.0p42, and 2.1.0p49 (EOL) allow user with write access to JAVA_HOME/bin directory to escalate. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
CVSS 4.0
5.2
EPSS
0.2%
CVE-2025-3506 MEDIUM This Month

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and <Checkmk 2.4.0b6 allows attacker to access files that could contain secrets. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
6.3
EPSS
0.2%
CVE-2025-2092 HIGH This Week

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p29, <2.2.0p41 and <=2.1.0p49 (EOL) causes remote site authentication secrets to be written to log files. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
7.1
EPSS
0.1%
CVE-2024-38865 MEDIUM This Month

Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 (EOL) allows arbitrary livestatus command. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
6.0
EPSS
0.8%
CVE-2025-2596 LOW Monitor

Session logout could be overwritten in Checkmk GmbH's Checkmk versions <2.3.0p30, <2.2.0p41, and 2.1.0p49 (EOL). Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
2.3
EPSS
0.1%
CVE-2025-1075 MEDIUM This Month

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p27, <2.2.0p40, and 2.1.0p51 (EOL) causes LDAP credentials to be written to Apache error log file accessible. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apache Checkmk
NVD
CVSS 4.0
5.6
EPSS
0.1%
CVE-2024-38864 MEDIUM This Month

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p23, < 2.2.0p38 and <= 2.1.0p49 (EOL) allows a local attacker to read sensitive data. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Checkmk
NVD
CVSS 4.0
4.8
EPSS
0.2%
CVE-2024-47094 MEDIUM This Month

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p22, <2.2.0p37, <2.1.0p50 (EOL) causes remote site secrets to be written to web log files accessible to local. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
5.7
EPSS
0.2%
CVE-2024-38863 MEDIUM This Month

Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Checkmk
NVD
CVSS 4.0
5.1
EPSS
0.3%
CVE-2024-38862 MEDIUM This Month

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
5.1
EPSS
0.2%
CVE-2024-6747 HIGH This Week

Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 (EOL) allows attacker to get potentially sensitive data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-8606 CRITICAL Act Now

Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows authenticated users to bypass two factor authentication. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Checkmk
NVD
CVSS 4.0
9.2
EPSS
0.5%
CVE-2024-38860 MEDIUM This Month

Improper neutralization of input in Checkmk before versions 2.3.0p16 and 2.2.0p34 allows attackers to craft malicious links that can facilitate phishing attacks. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 4.0
5.1
EPSS
0.3%
CVE-2024-6572 MEDIUM This Month

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 (EOL) allows. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
6.3
EPSS
0.3%
CVE-2024-38858 LOW Monitor

Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject and run malicious scripts in the Robotmk logs view. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 4.0
2.3
EPSS
0.3%
CVE-2024-38859 MEDIUM This Month

XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 (EOL) allowed malicious users to execute arbitrary scripts by injecting HTML. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 4.0
4.8
EPSS
0.4%
CVE-2024-28829 MEDIUM This Month

Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 (EOL) allows local users to escalate. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
CVSS 4.0
5.2
EPSS
0.2%
CVE-2024-6542 MEDIUM This Month

Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk <= 2.0.0p39, < 2.1.0p47, < 2.2.0p32 and < 2.3.0p11 allows arbitrary livestatus command execution. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-28828 HIGH This Week

Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL) could lead to 1-click compromize of the site. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Checkmk
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-28827 HIGH This Week

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL) allows a local attacker to gain SYSTEM privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Checkmk
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-6163 MEDIUM This Month

Certain http endpoints of Checkmk in Checkmk < 2.3.0p10 < 2.2.0p31, < 2.1.0p46, <= 2.0.0p39 allows remote attacker to bypass authentication and access data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Checkmk
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-6052 MEDIUM This Month

Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users to execute arbitrary scripts by injecting HTML elements. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-38857 MEDIUM This Month

Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 (EOL) allows attackers to craft malicious links that can facilitate phishing attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-28830 LOW Monitor

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2.2.0p28, <2.1.0p45 and <=2.0.0p39 (EOL) causes automation user secrets to be written to audit log files. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
2.7
EPSS
0.3%
CVE-2024-28832 MEDIUM This Month

Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2.0.0 (EOL) allows users with permission to change Global Settings to execute arbitrary scripts by. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-28831 MEDIUM This Month

Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows Checkmk users to execute arbitrary scripts by injecting HTML elements into some user input fields that. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-5741 MEDIUM This Month

Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0 (EOL). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-28833 HIGH This Week

Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-28826 HIGH This Week

Improper restriction of local upload and download paths in check_sftp in Checkmk before 2.3.0p4, 2.2.0p27, 2.1.0p44, and in Checkmk 2.0.0 (EOL) allows attackers with sufficient permissions to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2024-28825 CRITICAL Act Now

Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 (EOL) facilitates password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-3367 MEDIUM This Month

Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p26 and <2.3.0b5 allows local attacker to inject one argument to runmqsc. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Checkmk
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-2380 MEDIUM This Month

Stored XSS in graph rendering in Checkmk <2.3.0b4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-28824 HIGH This Week

Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-1742 LOW Monitor

Invocation of the sqlplus command with sensitive information in the command line in the mk_oracle Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows the. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-0638 MEDIUM This Month

Least privilege violation in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and mk_oracle_crs before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-0670 HIGH This Week

Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Checkmk
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-6740 HIGH PATCH This Week

Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Privilege Escalation Checkmk
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2023-6735 HIGH PATCH This Week

Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Privilege Escalation Code Injection Checkmk
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2023-31211 HIGH PATCH This Week

Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Checkmk
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2023-31210 HIGH This Week

Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious libraries. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-6251 LOW Monitor

Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Checkmk
NVD
CVSS 3.1
3.5
EPSS
0.2%
CVE-2023-6157 HIGH This Week

Improper neutralization of livestatus command delimiters in ajax_search in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-6156 HIGH This Week

Improper neutralization of livestatus command delimiters in the availability timeline in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-23549 LOW Monitor

Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged attackers to cause partial denial of service of the UI via too long hostnames. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Checkmk
NVD
CVSS 3.1
2.7
EPSS
0.6%
CVE-2023-31209 HIGH This Week

Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Checkmk
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-23548 MEDIUM This Month

Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38, <=1.6.0p30. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-22359 MEDIUM This Month

User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-22348 MEDIUM This Month

Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Checkmk
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-31208 HIGH This Week

Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, < 2.1.0p28, and < 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-31207 MEDIUM This Month

Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apache Information Disclosure Checkmk
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-22294 HIGH This Week

Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-2020 MEDIUM This Month

Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Checkmk
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-1768 MEDIUM PATCH This Month

Inappropriate error handling in Tribe29 Checkmk <= 2.1.0p25, <= 2.0.0p34, <= 2.2.0b3 (beta), and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Checkmk
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2023-22288 MEDIUM This Month

HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emails. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Checkmk
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-0284 HIGH This Week

Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-33912 HIGH This Week

A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Debian Checkmk
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-31258 MEDIUM This Month

In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2021-40906 MEDIUM This Month

CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD GitHub
CVSS 3.1
6.1
EPSS
1.0%
CVE-2021-40905 HIGH POC This Week

The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Checkmk
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
2.8%
CVE-2021-40904 HIGH POC This Week

The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a misconfiguration of the web-app Dokuwiki (installed by default), which allows embedded php code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation RCE PHP Checkmk
NVD GitHub
CVSS 3.1
8.8
EPSS
3.8%
CVE-2022-24566 MEDIUM This Month

In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not properly escaped when shown as condition, which can result in Cross Site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-24565 MEDIUM This Month

Checkmk <=2.0.0p19 Fixed in 2.0.0p20 and Checkmk <=1.6.0p27 Fixed in 1.6.0p28 are affected by a Cross Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-24564 MEDIUM PATCH This Month

Checkmk <=2.0.0p19 contains a Cross Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Checkmk
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-36563 MEDIUM POC This Month

The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Checkmk
NVD GitHub
CVSS 3.1
5.4
EPSS
1.7%
CVE-2017-14955 MEDIUM POC THREAT This Month

Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 19.6%.

Information Disclosure Checkmk
NVD Exploit-DB
CVSS 3.1
5.9
EPSS
19.6%
EPSS 0% CVSS 5.2
MEDIUM PATCH This Month

Privilege escalation in Checkmk's mk_sap_hana agent plugin allows a local unprivileged user to execute arbitrary commands as root by planting a process whose name mimics a SAP HANA instance. The plugin, when running as root under the RUNAS=agent configuration and lacking explicit database configuration, blindly reads the OS process list to derive SAP HANA instance identifiers and injects them unsanitized into a shell command executed with root privileges - a textbook CWE-78 OS command injection. No public exploit code or CISA KEV listing exists at time of analysis, but the attack prerequisites are achievable on any misconfigured Checkmk deployment that monitors SAP environments.

Privilege Escalation SAP Command Injection +1
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Stored cross-site scripting in Checkmk's service discovery active check output allows a high-privileged administrator to inject persistent malicious HTML or JavaScript that executes in the browsers of other administrators or users with host read permissions when they run checks on the service discovery page. Affected versions span all currently maintained branches: Checkmk below 2.5.0p5, below 2.4.0p31, below 2.3.0p48, and all 2.2.0 releases with no patch for that branch. No public exploit has been identified at time of analysis and the vulnerability is absent from CISA KEV, but the stored nature of the XSS and its targeting of privileged user sessions make it a meaningful lateral-privilege and session-compromise vector within Checkmk deployments.

XSS Checkmk
NVD VulDB
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Stored/reflected cross-site scripting in Checkmk monitoring platform versions prior to 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 releases allows authenticated users to bypass URL validation by leveraging HTML-encoded characters, enabling injection of javascript: URIs that execute in another user's browser session. The CVSS 4.0 score of 8.5 reflects the high impact on confidentiality, integrity, and availability when a victim interacts with a crafted link, though no public exploit identified at time of analysis and the issue requires both low-privilege authentication and user interaction.

XSS Checkmk
NVD VulDB
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Stored cross-site scripting in Checkmk's global settings change log enables a high-privileged administrator to persist malicious HTML or JavaScript within changelog messages, which then executes silently in the browsers of other authenticated users who view the Activate Changes page or Audit log. Affected versions span all 2.2.0 releases and builds prior to 2.5.0p5, 2.4.0p31, and 2.3.0p48. No active exploitation is confirmed (not listed in CISA KEV), and no public exploit code has been identified at time of analysis; however, the insider-threat angle - an already-privileged admin targeting peer users - is the realistic concern here.

XSS Checkmk
NVD VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Incorrect authorization in Checkmk's User Messages dashboard widget exposes the dashboard creator's personal messages to any party possessing a valid public dashboard share token. The message-fetching endpoints resolve messages using the dashboard creator's identity rather than the requesting party's identity, meaning that direct API calls with a share token return the issuer's private messages regardless of whether the User Messages widget is actually present on the shared dashboard. All Checkmk deployments running versions prior to 2.5.0p5 that use the public dashboard sharing feature are affected. No public exploit has been identified and the vulnerability is not listed in CISA KEV at time of analysis.

Authentication Bypass Checkmk
NVD VulDB
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Stored cross-site scripting in Checkmk monitoring platform allows a low-privileged user with dashboard editing rights to embed a javascript: URI inside the URL dashboard widget, which then executes in the browser of any other user viewing that dashboard. The flaw affects Checkmk versions prior to 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 releases, and carries a CVSS 4.0 score of 8.5 due to the high confidentiality and integrity impact achievable against higher-privileged operators. No public exploit identified at time of analysis, but the prerequisite (dashboard edit permission) is commonly granted to operations staff.

XSS Checkmk
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Livestatus command injection in Checkmk prediction graph page allows authenticated users to execute arbitrary Livestatus commands by injecting malicious service name parameters due to insufficient input sanitization. Affected versions include Checkmk 2.3.0 before p47, 2.4.0 before p26, and 2.5.0 before b4. The vulnerability requires valid authentication credentials to exploit and results in limited confidentiality, integrity, and availability impact within the Livestatus subsystem.

Code Injection Checkmk
NVD VulDB
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Livestatus injection in Checkmk's notification test mode allows authenticated users with high privileges to inject arbitrary Livestatus commands via crafted service descriptions in versions prior to 2.5.0b4 and 2.4.0p26. The vulnerability has a CVSS score of 5.1 with limited confidentiality and integrity impact, requiring high-privilege authentication. No public exploit code or active exploitation has been confirmed at time of analysis.

Code Injection Checkmk
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Livestatus injection in Checkmk's monitoring quicksearch function allows authenticated attackers to inject arbitrary livestatus commands through insufficiently sanitized search query parameters in versions prior to 2.5.0b4. The vulnerability requires valid authentication credentials and enables low-impact information disclosure and limited integrity/availability changes within the monitoring system. No public exploit code or active exploitation has been reported at time of analysis.

Code Injection Checkmk
NVD VulDB
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

Local privilege escalation in Checkmk allows site users with high privileges to escalate to root by manipulating site context files processed by the root-executed 'omd' administrative command. Affects Checkmk 2.2.0 (EOL), 2.3.0 before p46, 2.4.0 before p25, and 2.5.0 beta before b3. No public exploit identified at time of analysis. CVSS 9.3 reflects total technical impact, but SSVC assessment indicates non-automatable exploitation requiring existing high-privilege access, tempering the real-world urgency for organizations with strict site user access controls.

Privilege Escalation Checkmk
NVD
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Stored cross-site scripting in Checkmk dashboard dashlet title links enables authenticated attackers with dashboard creation privileges to execute malicious JavaScript in victims' browsers when they click crafted dashlet links on shared dashboards. Affects Checkmk 2.2.0 (EOL), 2.3.0 before p46, 2.4.0 before p25, and 2.5.0 beta before b3. Vendor-released patches are available for all supported versions. EPSS score of 0.05% (14th percentile) indicates low predicted exploitation probability, and no public exploit identified at time of analysis, though CVSS 8.5 reflects the high impact of successful exploitation (complete confidentiality, integrity, and availability compromise in victim context).

XSS Checkmk
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Insufficient permission validation in Checkmk REST API Quick Setup endpoints allows low-privileged authenticated users to perform unauthorized administrative actions or access sensitive information in versions 2.5.0 beta before 2.5.0b2 and 2.4.0 before 2.4.0p25. The vulnerability stems from missing authorization checks that fail to enforce role-based access control on multiple API endpoints, enabling privilege escalation within the monitoring platform.

Information Disclosure Checkmk
NVD VulDB
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Stored cross-site scripting (XSS) in Checkmk 2.5.0 beta allows authenticated users with pending change permissions to inject malicious JavaScript into the Pending Changes sidebar, executing in the browsers of other users who view that sidebar. This vulnerability affects the beta release 2.5.0 before version 2.5.0b2 and requires existing user authentication with specific permissions to exploit.

XSS Checkmk
NVD
EPSS 0% CVSS 8.6
HIGH PATCH This Week

Stored cross-site scripting (XSS) in Checkmk 2.5.0 beta versions before 2.5.0b2 allows authenticated users with host or service creation permissions to inject malicious JavaScript that executes in the browsers of other users when they perform searches via the Unified Search feature, potentially enabling session hijacking, credential theft, or administrative account compromise.

XSS Checkmk
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Checkmk exposes its session signing secret in configurations synchronized between remote and central sites, allowing a remote site administrator to forge valid session cookies and hijack user sessions on the central monitoring instance. This vulnerability affects Checkmk versions prior to 2.4.0p23, 2.3.0p45, and all 2.2.0 releases when configuration synchronization is enabled. An attacker with administrative privileges on a remote Checkmk site can leverage this exposure to impersonate any user, including central site administrators, potentially gaining complete control over the monitoring infrastructure.

Information Disclosure Checkmk
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Checkmk contains an improper permission enforcement vulnerability in the deploy_agent endpoint that allows unauthenticated users to enumerate existing hosts by analyzing differential HTTP response codes, resulting in information disclosure. The vulnerability affects Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and end-of-life version 2.2.0, with a CVSS score of 6.3 indicating moderate severity. An attacker with network access can passively discover the infrastructure topology without authentication, though no known active exploitation or public POC has been confirmed at this time.

Information Disclosure Checkmk
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Checkmk contains an improper permission enforcement vulnerability in the agent-receiver/register_existing endpoint that allows authenticated users to enumerate existing hosts by observing differential HTTP response codes, enabling information disclosure. This affects Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and the end-of-life 2.2.0 branch. While not currently listed as actively exploited in known vulnerability catalogs, the low CVSS score of 5.3 reflects limited confidentiality impact and the requirement for prior authentication, though the straightforward nature of the enumeration technique presents moderate real-world risk.

Information Disclosure Checkmk
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

Data loss in Checkmk versions before 2.4.0p23, 2.3.0p43, and 2.2.0 results from a logic error in the remove_password() function that allows low-privileged users to delete sensitive information. An authenticated attacker can exploit this vulnerability to cause unintended data loss without requiring user interaction. No patch is currently available for affected deployments.

Authentication Bypass Checkmk
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link. [CVSS 5.4 MEDIUM]

XSS Checkmk
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM Monitor

In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files, allowing any local user on the system to read. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Checkmk
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Insufficient permission validation on multiple REST API endpoints in Checkmk 2.2.0, 2.3.0, and 2.4.0 before version 2.4.0p16 allows low-privileged users to perform unauthorized actions or obtain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A security vulnerability in autocomplete endpoint within the RestAPI of Checkmk (CVSS 8.8) that allows an authenticated user. High severity vulnerability requiring prompt remediation.

Code Injection Ubuntu Debian +1
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Packages downloaded by Checkmk's automatic agent updates on Linux and Solaris have incorrect permissions in Checkmk < 2.4.0p1, < 2.3.0p32, < 2.2.0p42 and <= 2.1.0p49 (EOL). Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 8.7
HIGH This Month

Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Checkmk
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

Privilege escalation in jar_signature agent plugin in Checkmk versions <2.4.0b7 (beta), <2.3.0p32, <2.2.0p42, and 2.1.0p49 (EOL) allow user with write access to JAVA_HOME/bin directory to escalate. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and <Checkmk 2.4.0b6 allows attacker to access files that could contain secrets. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p29, <2.2.0p41 and <=2.1.0p49 (EOL) causes remote site authentication secrets to be written to log files. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 (EOL) allows arbitrary livestatus command. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 2.3
LOW Monitor

Session logout could be overwritten in Checkmk GmbH's Checkmk versions <2.3.0p30, <2.2.0p41, and 2.1.0p49 (EOL). Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 5.6
MEDIUM This Month

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p27, <2.2.0p40, and 2.1.0p51 (EOL) causes LDAP credentials to be written to Apache error log file accessible. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apache Checkmk
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p23, < 2.2.0p38 and <= 2.1.0p49 (EOL) allows a local attacker to read sensitive data. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Checkmk
NVD
EPSS 0% CVSS 5.7
MEDIUM This Month

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p22, <2.2.0p37, <2.1.0p50 (EOL) causes remote site secrets to be written to web log files accessible to local. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Checkmk
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 (EOL) allows attacker to get potentially sensitive data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 9.2
CRITICAL Act Now

Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows authenticated users to bypass two factor authentication. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Checkmk
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Improper neutralization of input in Checkmk before versions 2.3.0p16 and 2.2.0p34 allows attackers to craft malicious links that can facilitate phishing attacks. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 (EOL) allows. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 2.3
LOW Monitor

Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject and run malicious scripts in the Robotmk logs view. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 (EOL) allowed malicious users to execute arbitrary scripts by injecting HTML. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 (EOL) allows local users to escalate. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk <= 2.0.0p39, < 2.1.0p47, < 2.2.0p32 and < 2.3.0p11 allows arbitrary livestatus command execution. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL) could lead to 1-click compromize of the site. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Checkmk
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL) allows a local attacker to gain SYSTEM privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Checkmk
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Certain http endpoints of Checkmk in Checkmk < 2.3.0p10 < 2.2.0p31, < 2.1.0p46, <= 2.0.0p39 allows remote attacker to bypass authentication and access data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Checkmk
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users to execute arbitrary scripts by injecting HTML elements. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 (EOL) allows attackers to craft malicious links that can facilitate phishing attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 0% CVSS 2.7
LOW Monitor

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2.2.0p28, <2.1.0p45 and <=2.0.0p39 (EOL) causes automation user secrets to be written to audit log files. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2.0.0 (EOL) allows users with permission to change Global Settings to execute arbitrary scripts by. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows Checkmk users to execute arbitrary scripts by injecting HTML elements into some user input fields that. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0 (EOL). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Improper restriction of local upload and download paths in check_sftp in Checkmk before 2.3.0p4, 2.2.0p27, 2.1.0p44, and in Checkmk 2.0.0 (EOL) allows attackers with sufficient permissions to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 (EOL) facilitates password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p26 and <2.3.0b5 allows local attacker to inject one argument to runmqsc. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Checkmk
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Stored XSS in graph rendering in Checkmk <2.3.0b4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Invocation of the sqlplus command with sensitive information in the command line in the mk_oracle Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows the. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Least privilege violation in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and mk_oracle_crs before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Checkmk
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Privilege Escalation Checkmk
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Privilege Escalation Code Injection Checkmk
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Checkmk
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious libraries. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Checkmk
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Improper neutralization of livestatus command delimiters in ajax_search in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Improper neutralization of livestatus command delimiters in the availability timeline in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged attackers to cause partial denial of service of the UI via too long hostnames. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Checkmk
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Checkmk
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38, <=1.6.0p30. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Checkmk
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, < 2.1.0p28, and < 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apache Information Disclosure Checkmk
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Checkmk
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Inappropriate error handling in Tribe29 Checkmk <= 2.1.0p25, <= 2.0.0p34, <= 2.2.0b3 (beta), and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emails. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Checkmk
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Debian Checkmk
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD GitHub
EPSS 3% CVSS 8.8
HIGH POC This Week

The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Checkmk
NVD GitHub VulDB
EPSS 4% CVSS 8.8
HIGH POC This Week

The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a misconfiguration of the web-app Dokuwiki (installed by default), which allows embedded php code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation RCE PHP +1
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM This Month

In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not properly escaped when shown as condition, which can result in Cross Site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Checkmk <=2.0.0p19 Fixed in 2.0.0p20 and Checkmk <=1.6.0p27 Fixed in 1.6.0p28 are affected by a Cross Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Checkmk <=2.0.0p19 contains a Cross Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Checkmk
NVD
EPSS 2% CVSS 5.4
MEDIUM POC This Month

The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Checkmk
NVD GitHub
EPSS 20% CVSS 5.9
MEDIUM POC THREAT This Month

Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 19.6%.

Information Disclosure Checkmk
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy