CVE-2025-64997

Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allow low-privileged users to view agent information via the REST API, which could lead to information disclosure.

Published Dec 20, 2025

https://checkmk.com/werk/18681

CVSS ScoreMedium

6.5

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-64997

Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allow low-privileged users to view agent information via the REST API, which could lead to information disclosure.

Published Dec 20, 2025

https://checkmk.com/werk/18681

CVSS ScoreMedium

6.5


rpm	check-mk	1.2.6p16-3.el5
rpm	check-mk	1.2.6p16-4.el6
rpm	check-mk	1.2.6p16-5.el6
rpm	check-mk	1.2.8p18-1.el7
rpm	check-mk	1.2.8p26-1.el7
rpm	check-mk	1.4.0p31-1.el7
rpm	check-mk	1.4.0p31-2.el7

Ecosystem	Package	Version


rpm	check-mk	1.2.6p16-3.el5
rpm	check-mk	1.2.6p16-4.el6
rpm	check-mk	1.2.6p16-5.el6
rpm	check-mk	1.2.8p18-1.el7
rpm	check-mk	1.2.8p26-1.el7
rpm	check-mk	1.4.0p31-1.el7
rpm	check-mk	1.4.0p31-2.el7

Find vulnerabilities. Fix fast with AI.

CVE-2025-64997

CVE-2025-64997