Checkmk · Checkmk · CVE-2025-3506
**Name of the Vulnerable Software and Affected Versions**
Checkmk versions 2.1.0 through 2.3.0
Checkmk version 2.4.0b6 and earlier
**Description**
The issue allows files to be deployed with agents to be accessible without authentication. This could enable an attacker to access files that may contain secrets.
**Recommendations**
For Checkmk versions 2.1.0 through 2.3.0, update to a version later than 2.3.0 to resolve the issue.
For Checkmk version 2.4.0b6 and earlier, update to a version later than 2.4.0b6 to resolve the issue.
As a temporary workaround, consider restricting access to sensitive files until a patch is available.