Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-xxw2-9c45-r2hr

Опубликовано: 13 мар. 2026
Источник: github
Github: Не прошло ревью
CVSS4: 6.3
CVSS3: 4.3

Описание

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent endpoint, which could lead to information disclosure.

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent endpoint, which could lead to information disclosure.

Ссылки

EPSS

Процентиль: 12%
0.00041
Низкий

6.3 Medium

CVSS4

4.3 Medium

CVSS3

CVE ID

CVE-2026-2859

Дефекты

CWE-204

Связанные уязвимости

ubuntu логотип

CVE-2026-2859

CVSS3: 4.3
ubuntu
12 дней назад

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent endpoint, which could lead to information disclosure.

nvd логотип

CVE-2026-2859

CVSS3: 4.3
nvd
12 дней назад

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent endpoint, which could lead to information disclosure.

debian логотип

CVE-2026-2859

CVSS3: 4.3
debian
12 дней назад

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0 ...

EPSS

Процентиль: 12%
0.00041
Низкий

6.3 Medium

CVSS4

4.3 Medium

CVSS3

CVE ID

CVE-2026-2859

Дефекты

CWE-204