Improper Certificate Validation in Checkmk Exchange Plugin for Dell PowerScale
CVE-2025-58127

6.9MEDIUM

Key Information:

Status
Vendor: CVE Published:; 28 August 2025

What is CVE-2025-58127?

The Checkmk Exchange Plugin for Dell PowerScale suffers from an improper certificate validation vulnerability, allowing attackers in a Man-in-the-Middle (MitM) position to intercept and manipulate traffic between users and the affected service. This flaw poses a significant risk as it may lead to unauthorized access and data compromise. Immediate action is advisable to mitigate potential exploitation of the vulnerability.

References

https://exchange.checkmk.com/p/powerscale

product

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2025
Vulnerability Reserved
Aug 25, 2025

Credit

Felix Eberstaller (Limes Security)

Jakob Hartmann (Limes Security)