PT-2025-48802 · Unknown+3 · Checkmk Multisiteauth+3
Shortfinga
·
Published
2025-12-03
·
Updated
2025-12-19
·
CVE-2025-39665
CVSS v4.0
6.9
Medium
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Nagvis Checkmk MultisiteAuth versions prior to 1.9.48
Description
An unauthenticated attacker can enumerate Checkmk usernames. This issue affects the user enumeration functionality within the software.
Recommendations
Update to version 1.9.48 or later.
Fix
Side Channel Attack
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Checkmk
Checkmk Multisiteauth
Debian
Nagvis