PT-2025-41387 · Checkmk Gmbh+3 · Checkmk
Published
2025-10-09
·
Updated
2025-10-09
·
CVE-2025-32916
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Checkmk versions prior to 2.4.0p13
Checkmk versions prior to 2.3.0p38
Checkmk versions prior to 2.2.0p46
Checkmk version 2.1.0
Description
Sensitive form data may be included in URL query parameters during GET requests. This can lead to the exposure of sensitive information in browser histories or web server logs.
Recommendations
Update to version 2.4.0p13 or later.
Update to version 2.3.0p38 or later.
Update to version 2.2.0p46 or later.
Update to a supported version, as version 2.1.0 has reached End of Life (EOL).
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Checkmk