VYPR
Unrated severityNVD Advisory· Published Mar 22, 2024· Updated Aug 12, 2024

Information disclosure in mk_oracle Checkmk agent plugin

CVE-2024-1742

Description

Invocation of the sqlplus command with sensitive information in the command line in the mk_oracle Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows the extraction of this information from the process list.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Checkmk/Checkmkllm-fuzzy2 versions
    <2.0.0 (EOL), <2.1.0p41, <2.2.0p24, <2.3.0b4+ 1 more
    • (no CPE)range: <2.0.0 (EOL), <2.1.0p41, <2.2.0p24, <2.3.0b4
    • (no CPE)range: 2.3.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.