CVE-2025-39665

Опубликовано: 03 дек. 2025

Источник: debian

EPSS Низкий

Описание

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames.

Пакет	Статус	Версия исправления	Релиз	Тип
nagvis	fixed	1:1.9.48-1		package
nagvis	no-dsa		trixie	package
nagvis	no-dsa		bookworm	package

https://github.com/NagVis/nagvis/pull/411
Fixed by: https://github.com/NagVis/nagvis/commit/1a3d3ed21fb974da952ce2df13f20c2884626ebe (nagvis-1.9.48)

EPSS

Процентиль: 16%

0.00052

Низкий

CVE-2025-39665

CVSS3: 5.3

ubuntu

2 месяца назад

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames.

CVE-2025-39665

CVSS3: 5.3

nvd

2 месяца назад

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames.

GHSA-2x34-p5xr-4cq8

CVSS3: 5.3

github

2 месяца назад

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames.

EPSS

Процентиль: 16%

0.00052

Низкий