PT-2025-22330 · Checkmk · Checkmk
Published
2025-05-21
·
Updated
2025-05-22
·
CVE-2025-1712
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Checkmk versions prior to 2.4.0p1
Checkmk versions prior to 2.3.0p32
Checkmk versions prior to 2.2.0p42
Checkmk version 2.1.0
Description
The issue allows authenticated attackers to write arbitrary files due to argument injection in special agent configuration.
Recommendations
For Checkmk versions prior to 2.4.0p1, update to version 2.4.0p1 or later.
For Checkmk versions prior to 2.3.0p32, update to version 2.3.0p32 or later.
For Checkmk versions prior to 2.2.0p42, update to version 2.2.0p42 or later.
For Checkmk version 2.1.0, consider upgrading to a newer version to mitigate the risk.
Fix
Argument Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Checkmk