Checkmk Agent Updater Permission Vulnerability on Linux and Solaris

Vulnerability

A vulnerability exists in Checkmk's automatic agent updates on Linux and Solaris, affecting versions prior to 2.4.0p1, 2.3.0p32, 2.2.0p42, and 2.1.0p49 (EOL). The agent updater writes downloaded packages to disk with overly permissive file permissions, so a local, unprivileged user on the monitored host can read them and the sensitive configuration data they contain. Only hosts for which 'Automatic Agent Updates' is enabled for Linux or Solaris are affected.

Impact

The vulnerability allows other local users on the monitored host to read sensitive data in the downloaded agent configuration. Exploitation requires local access; no remote vector is described.

Remediation

Update to Checkmk 2.4.0p1, 2.3.0p32, or 2.2.0p42; the fix will also be part of the upcoming 2.5.0b1 release. If an update is not feasible, disable 'Automatic Agent Updates' on the affected Linux and Solaris hosts until it is.
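Disabling automatic updates stops new permissive downloads but does nothing for packages already on disk. The following POSIX sh script is an added example, not Checkmk's own code: it lists regular files under a staging directory whose mode grants read access to "other" (the condition the advisory describes) and tightens them. The advisory names no path, so the directory to scan is an assumption passed as an argument; the demo data it creates is constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of Checkmk. Finds and fixes world-readable files
# under an assumed agent-package staging directory (path is an assumption).

# Print every regular file under "$1" whose mode bits include read for
# "other" (octal 004). Returns 1 if any are found, 0 otherwise.
# "-perm -004" is used instead of "-perm -o=r" so it also works on Solaris find.
world_readable_files() {
    dir="$1"
    found=$(find "$dir" -type f -perm -004 2>/dev/null)
    if [ -n "$found" ]; then
        printf '%s\n' "$found"
        return 1
    fi
    return 0
}

# Remove all group/other access from files and directories under "$1",
# leaving owner permissions untouched.
fix_permissions() {
    dir="$1"
    find "$dir" -type f -exec chmod go-rwx {} + 2>/dev/null
    find "$dir" -type d -exec chmod go-rwx {} + 2>/dev/null
}

# Constructed demo data: a temp dir with one world-readable package file
# (0644, the bad case) and one correctly restricted file (0600).
make_demo_dir() {
    d=$(mktemp -d)
    printf 'secret=abc\n' > "$d/agent.deb"    # constructed content
    chmod 0644 "$d/agent.deb"
    printf 'secret=xyz\n' > "$d/agent.conf"   # constructed content
    chmod 0600 "$d/agent.conf"
    printf '%s\n' "$d"
}

# Usage: scan and report, then tighten.
#   d=$(make_demo_dir)
#   world_readable_files "$d" || echo "world-readable files found, fixing"
#   fix_permissions "$d"
#   world_readable_files "$d" && echo "clean"
```

Run the scan as root (or as the owner of the staging directory) so that find can traverse it; a non-zero exit code from world_readable_files makes it usable as a one-line check in a cron job or a Checkmk local check.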

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.8
impact: 2.7
exploitability: 3.4
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.