CNNVD-202510-1298 Information

CNNVD ID

CNNVD-202510-1298

Related CVE

CVE-2025-39664

• CNNVD Published: 2025-10-09

Description (Chinese)

Checkmk是Checkmk公司的一个 IT 监控平台。 Checkmk 2.4.0p13之前版本、2.3.0p38之前版本、2.2.0p46之前版本和2.1.0版本存在安全漏洞，该漏洞源于报告调度程序中转义不足，可能导致攻击者将报告文件对的存储位置定义在其预期的根目录之外。

Description (English)

Checkmk is an IT monitoring platform for Checkmk. There is a security loophole in the pre-checkmk version 2.4.0p13, the pre-version version 2.3.0p38, the pre-version version 2.2.0p46 and the version 2.1.0, which stems from inadequate transposition in the reporting schedule, which may lead the assailant to define the storage location of the reporting document beyond its intended root directory.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Checkmk

Published

2025-10-09

Last Modified

2026-02-24

References

https://checkmk.com/werk/17984 https://access.redhat.com/security/cve/cve-2025-39664

Patch

https://checkmk.com/download