CVE-2025-32917

Опубликовано: 13 мая 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Privilege escalation in jar_signature agent plugin in Checkmk versions <2.4.0b7 (beta), <2.3.0p32, <2.2.0p42, and 2.1.0p49 (EOL) allow user with write access to JAVA_HOME/bin directory to escalate privileges.

Ссылки

https://checkmk.com/werk/17985
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p45:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p46:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p47:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p48:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p29:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p30:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p31:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p32:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p33:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p34:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p35:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p36:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p37:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p38:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p39:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p40:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p41:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p16:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p17:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p18:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p19:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p20:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p21:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p22:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p23:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p24:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p25:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p26:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p27:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p28:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p29:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p30:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p31:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.4.0:-:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.4.0:b1:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.4.0:b2:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.4.0:b3:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.4.0:b4:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.4.0:b5:*:*:*:*:*:*

cpe:2.3:a:checkmk:checkmk:2.4.0:b6:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00077

Низкий

8.8 High

CVSS3

Дефекты

CWE-427

Связанные уязвимости

CVE-2025-32917

CVSS3: 8.8

ubuntu

9 месяцев назад

CVE-2025-32917

CVSS3: 8.8

debian

9 месяцев назад

Privilege escalation in jar_signature agent plugin in Checkmk versions ...

GHSA-q7j8-2mcw-6rrm

CVSS3: 8.8

github

9 месяцев назад

EPSS

Процентиль: 23%

0.00077

Низкий

8.8 High

CVSS3

Дефекты

CWE-427