PT-2023-15699 · Checkmk · Checkmk

Stefan Schiller · Published 2023-02-20 · Updated 2024-07-23 · CVE-2022-48321

CVSS v3.1: 6.8 Medium

Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions: Checkmk versions 2.1.0 through 2.1.0p11

Description: The issue allows an attacker to perform a limited Server-Side Request Forgery (SSRF) in the agent-receiver component, enabling communication with local network restricted endpoints through the host registration API.

Recommendations: For Checkmk versions 2.1.0 through 2.1.0p11, as a temporary workaround, consider restricting access to the host registration API until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SSRF

RCE

Weakness Enumeration

Related Identifiers: CVE-2022-48321

Affected Products: Checkmk