Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-2859

Опубликовано: 13 мар. 2026
Источник: nvd
CVSS3: 4.3
EPSS Низкий

Описание

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent endpoint, which could lead to information disclosure.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p29:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p30:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p31:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p32:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p33:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p34:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p35:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p36:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p37:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p38:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p39:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p40:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p41:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p42:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p43:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p44:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p45:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p46:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p47:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p16:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p17:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p18:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p19:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p20:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p21:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p22:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p23:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p24:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p25:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p26:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p27:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p28:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p29:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p30:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p31:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p32:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p33:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p34:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p35:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p36:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p37:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p38:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p39:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p40:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p41:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p42:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:-:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b1:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b2:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b3:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b4:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b5:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:b6:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p1:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p10:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p11:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p12:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p13:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p14:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p15:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p16:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p17:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p18:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p19:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p2:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p20:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p21:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p22:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p3:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p4:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p5:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p6:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p7:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p8:*:*:*:*:*:*
cpe:2.3:a:checkmk:checkmk:2.4.0:p9:*:*:*:*:*:*

EPSS

Процентиль: 12%
0.00041
Низкий

4.3 Medium

CVSS3

Дефекты

CWE-204

Связанные уязвимости

ubuntu логотип

CVE-2026-2859

CVSS3: 4.3
ubuntu
12 дней назад

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent endpoint, which could lead to information disclosure.

debian логотип

CVE-2026-2859

CVSS3: 4.3
debian
12 дней назад

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0 ...

github логотип

GHSA-xxw2-9c45-r2hr

CVSS3: 4.3
github
12 дней назад

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent endpoint, which could lead to information disclosure.

EPSS

Процентиль: 12%
0.00041
Низкий

4.3 Medium

CVSS3

Дефекты

CWE-204