Checkmk is a monitoring and management tool for IT infrastructure. This vulnerability allows low-privileged users to view agent information via the REST API, which could lead to information disclosure.
Checkmk is a monitoring and management tool for IT infrastructure. This vulnerability allows low-privileged users to view agent information via the REST API, which could lead to information disclosure.
You're affected if you use Checkmk Enterprise (CEE), Checkmk Cloud (CCE), or Checkmk MSP (CME) versions 2.4.0p17 and earlier. To check if your version is affected:
grep -q "Checkmk Enterprise" /etc/checkmk/config.d/*.conf
This vulnerability affects commercial editions of Checkmk in the default configuration, not the free Community Edition.
Upgrade to Checkmk 2.5.0b1 or later (available on the official website).
- For immediate mitigations:
- Restrict network access to your Checkmk instance.
- Audit admin account activity for suspicious access patterns.
- Monitor for unauthorized token creation.