CVE-2024-6572

Name of the Vulnerable Software and Affected Versions Checkmk versions prior to 2.3.0p15 Checkmk versions prior to 2.2.0p33 Checkmk versions prior to 2.1.0p48 Checkmk version 2.0.0

Description The issue concerns improper host key checking in the active check 'Check SFTP Service' and the special agent 'VNX quotas and filesystem' in Checkmk. This allows man-in-the-middle attackers to intercept traffic. The risk associated with this issue is unauthorized access.

Recommendations For Checkmk versions prior to 2.3.0p15, update to version 2.3.0p15 or later. For Checkmk versions prior to 2.2.0p33, update to version 2.2.0p33 or later. For Checkmk versions prior to 2.1.0p48, update to version 2.1.0p48 or later. For Checkmk version 2.0.0, consider upgrading to a supported version, as 2.0.0 is end-of-life.