CVE-2025-58122

Name of the Vulnerable Software and Affected Versions Checkmk versions prior to 2.4.0p16

Description A flaw exists in Checkmk where inadequate permission checks allow users with limited privileges to alter notification settings through the REST API. This could potentially result in unauthorized actions or the exposure of sensitive information. The vulnerable API endpoint is used for managing notification parameters. The affected parameter is not specified.

Recommendations Update to version 2.4.0p16 or later.