Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-38863

Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks.

Published

2024-10-14T08:15:02.823

Last Modified

2024-12-03T16:47:15.693

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-598
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.1.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.2.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes
Application	checkmk	checkmk	2.3.0	Yes

References

https://checkmk.com/werk/17096 Vendor Advisory ([email protected])