CVE-2024-38865 Information

Description

Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39 2.3.0p25 and 2.1.0p51 (EOL) allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for an event to originate from a host with the same contact group or from an event generated with an unknown host.

Reference

https://checkmk.com/werk/17028