CVE-2024-38865

Published: Apr 10, 2025

Modified: Apr 10, 2025

PUBLISHED

Description

Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 (EOL) allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for an event to originate from a host with the same contact group or from an event generated with an unknown host.

Vendor	Product	Versions
Checkmk GmbH	Checkmk	affected `2.3.0 - < 2.3.0p25` affected `2.2.0 - < 2.2.0p39` affected `2.1.0 - <= 2.1.0p50`

Weaknesses (CWE)

CWE-140

References

https://checkmk.com/werk/17028

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-38865

Description

Affected Products

Weaknesses (CWE)

References