Vulnerability-Lookup

CVE-2024-38862 (GCVE-0-2024-38862)

Vulnerability from cvelistv5 – Published: 2024-10-14 07:19 – Updated: 2024-10-14 15:34

Title

SNMP and IMPI secrets written to audit log

Summary

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators.

Severity ?

5.1 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N

CWE

CWE-532 - Insertion of Sensitive Information into Log File

Assigner

Checkmk

References

URL

	Vendor	Product	Version
	Checkmk GmbH	Checkmk	Affected: 2.0.0 , ≤ 2.0.0p39 (semver) Affected: 2.1.0 , < 2.1.0p48 (semver) Affected: 2.2.0 , < 2.2.0p35 (semver) Affected: 2.3.0 , < 2.3.0p18 (semver)

GHSA-MWRQ-QV64-XGQ7

Vulnerability from github – Published: 2024-10-14 09:30 – Updated: 2024-12-03 18:31

Details

Severity ?

4.4 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

5.1 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-38862"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-14T08:15:02Z",
    "severity": "MODERATE"
  },
  "details": "Insertion of Sensitive Information into Log File in Checkmk GmbH\u0027s Checkmk versions \u003c2.3.0p18, \u003c2.2.0p35, \u003c2.1.0p48 and \u003c=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators.",
  "id": "GHSA-mwrq-qv64-xgq7",
  "modified": "2024-12-03T18:31:01Z",
  "published": "2024-10-14T09:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38862"
    },
    {
      "type": "WEB",
      "url": "https://checkmk.com/werk/17095"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

FKIE_CVE-2024-38862

Vulnerability from fkie_nvd - Published: 2024-10-14 08:15 - Updated: 2024-12-03 16:56

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

References

	URL	Tags
	security@checkmk.com	https://checkmk.com/werk/17095	Vendor Advisory

Impacted products

Vendor	Product	Version
checkmk	checkmk	2.0.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.1.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.2.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0
checkmk	checkmk	2.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFBDA1FD-7112-4309-AFDC-57DFF865365A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*",
              "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*",
              "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*",
              "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*",
              "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*",
              "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*",
              "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*",
              "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*",
              "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*",
              "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*",
              "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*",
              "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*",
              "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*",
              "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*",
              "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*",
              "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*",
              "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*",
              "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*",
              "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*",
              "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*",
              "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*",
              "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*",
              "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*",
              "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*",
              "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*",
              "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*",
              "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*",
              "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*",
              "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*",
              "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*",
              "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*",
              "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*",
              "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*",
              "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*",
              "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*",
              "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*",
              "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*",
              "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*",
              "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*",
              "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*",
              "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*",
              "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*",
              "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*",
              "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*",
              "matchCriteriaId": "5C3C3714-C696-4456-88AA-B6E4EFC73C92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*",
              "matchCriteriaId": "BFF9D1C9-C340-4C31-A3EA-74EF85C6F34D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*",
              "matchCriteriaId": "A70FBA9D-F7DF-4961-9518-F7AE14FE174D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:*",
              "matchCriteriaId": "FB38424F-0955-4FE3-9C1D-69D21A08AA8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p45:*:*:*:*:*:*",
              "matchCriteriaId": "4EE19624-17FB-45DD-926D-1A745FF02CB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p46:*:*:*:*:*:*",
              "matchCriteriaId": "C7E289B5-B6C6-4514-9CA1-5EBE155ECFE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p47:*:*:*:*:*:*",
              "matchCriteriaId": "ECBDBA95-0CAA-42A2-A3B1-B4D0DF1F7523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p48:*:*:*:*:*:*",
              "matchCriteriaId": "B0819489-976E-4C46-9D76-0338F40C2A64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*",
              "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*",
              "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*",
              "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*",
              "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*",
              "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*",
              "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*",
              "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*",
              "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*",
              "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*",
              "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*",
              "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*",
              "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*",
              "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*",
              "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*",
              "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*",
              "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*",
              "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*",
              "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*",
              "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*",
              "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*",
              "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*",
              "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*",
              "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*",
              "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*",
              "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*",
              "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*",
              "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*",
              "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*",
              "matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*",
              "matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*",
              "matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*",
              "matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:*",
              "matchCriteriaId": "77047A82-E6D5-4E84-9BEC-ACD2FDA91FAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p29:*:*:*:*:*:*",
              "matchCriteriaId": "2E44AE62-1746-410F-A28E-F8292E1F8D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*",
              "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p30:*:*:*:*:*:*",
              "matchCriteriaId": "B6C1AC39-5AE0-4FC8-93FF-966400B074F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p31:*:*:*:*:*:*",
              "matchCriteriaId": "68455233-52CD-44B8-8B02-D94BA84DA6A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p32:*:*:*:*:*:*",
              "matchCriteriaId": "1C95A313-7665-4877-B421-0D20E3D3D54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p33:*:*:*:*:*:*",
              "matchCriteriaId": "0AEF278D-D782-4A2B-B1B8-19A21D151AA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p34:*:*:*:*:*:*",
              "matchCriteriaId": "B027FE8B-1802-4449-A0CB-6D15F9634559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*",
              "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*",
              "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*",
              "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*",
              "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*",
              "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*",
              "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*",
              "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*",
              "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*",
              "matchCriteriaId": "99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*",
              "matchCriteriaId": "F08FE580-67D4-419C-AE4A-3B9EBC6A2838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*",
              "matchCriteriaId": "9DD5C67F-CD3E-400E-802D-8B52408A259F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*",
              "matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:*",
              "matchCriteriaId": "3C0F1DC8-D9DF-4A7A-80DC-618FAB091375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:*",
              "matchCriteriaId": "9B0A1E3E-1B5A-4346-95BC-DE6FF6EE14CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:*",
              "matchCriteriaId": "EB52B2A7-BDC1-4A4F-ABAF-69C1BA8E83C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:*",
              "matchCriteriaId": "9F89225F-6969-4D89-B889-9CB09972825B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:*",
              "matchCriteriaId": "2A1B23EA-4571-4E4E-80BC-FD76FFD83FFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:*",
              "matchCriteriaId": "625A6998-5DAE-4538-9760-20523CCE501F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p16:*:*:*:*:*:*",
              "matchCriteriaId": "6EFD4461-2C37-418F-90AD-3A956B2D91C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p17:*:*:*:*:*:*",
              "matchCriteriaId": "88523633-844C-41FE-ADF1-74D6AA2BCE6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*",
              "matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*",
              "matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*",
              "matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*",
              "matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*",
              "matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*",
              "matchCriteriaId": "156384E2-E04B-4153-A91F-3F307C9FEAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*",
              "matchCriteriaId": "EEC0ED95-F43B-46D7-9AA0-A0FB1C32EF1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*",
              "matchCriteriaId": "91C194C1-5292-4E2A-BB71-9C5CD3CE6194",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insertion of Sensitive Information into Log File in Checkmk GmbH\u0027s Checkmk versions \u003c2.3.0p18, \u003c2.2.0p35, \u003c2.1.0p48 and \u003c=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators."
    },
    {
      "lang": "es",
      "value": "La inserci\u00f3n de informaci\u00f3n confidencial en el archivo de registro en las versiones de Checkmk de Checkmk GmbH \u0026lt;2.3.0p18, \u0026lt;2.2.0p35, \u0026lt;2.1.0p48 y \u0026lt;=2.0.0p39 (EOL) hace que los secretos SNMP e IMPI de las propiedades del host y de la carpeta se escriban en archivos de registro de auditor\u00eda accesibles para los administradores."
    }
  ],
  "id": "CVE-2024-38862",
  "lastModified": "2024-12-03T16:56:19.887",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 2.0,
          "baseSeverity": "LOW",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security@checkmk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-14T08:15:02.563",
  "references": [
    {
      "source": "security@checkmk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://checkmk.com/werk/17095"
    }
  ],
  "sourceIdentifier": "security@checkmk.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-532"
        }
      ],
      "source": "security@checkmk.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-532"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-38862 (GCVE-0-2024-38862)

GHSA-MWRQ-QV64-XGQ7

FKIE_CVE-2024-38862

Tags

Sightings

Nomenclature