VYPR
Unrated severityOSV Advisory· Published Dec 18, 2025· Updated Dec 18, 2025

Insufficient permission validation when showing agent information

CVE-2025-64997

Description

Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allow low-privileged users to view agent information via the REST API, which could lead to information disclosure.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Checkmk/CheckmkOSV2 versions
    1.1.0beta17, v1.1.0, v1.1.10, …+ 1 more
    • (no CPE)range: 1.1.0beta17, v1.1.0, v1.1.10, …
    • (no CPE)range: <2.4.0p17, <2.3.0p42

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.