Checkmk Information Leakage Vulnerability Affects Mk Notifyd
CVE-2024-6747
7.5HIGH
Summary
The vulnerability in Checkmk's mknotifyd component prior to specified versions allows attackers to exploit an information leakage flaw, leading to the potential exposure of sensitive data. This issue affects several versions of Checkmk, creating significant risks for organizations that rely on this software for monitoring and IT management. Specific versions vulnerable include 2.3.0p17 and earlier, 2.2.0p35 and earlier, and 2.1.0p48 and earlier. Administrators are advised to review their deployments and apply necessary updates to safeguard against unauthorized access to sensitive information.
Affected Version(s)
Checkmk 2.3.0 < 2.3.0p18
Checkmk 2.2.0 < 2.2.0p36
Checkmk 2.1.0 < 2.1.0p49
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved