CVE-2025-58122

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-58122

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58122.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-58122

Downstream

UBUNTU-CVE-2025-58122

Published

2025-11-18T16:15:44.930Z

Modified

2026-03-13T03:41:47.186714Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or information disclosure.

References

https://checkmk.com/werk/18982

Affected packages

Git / github.com/checkmk/checkmk

Affected ranges

Type

GIT

Repo

https://github.com/checkmk/checkmk

Events

Introduced

Last affected

4abde4a41de677e103561e4fb75b81f6ee8b80dd

Introduced

Last affected

4807b162eabc6da5accf1391ddd4c35dc964f904

Introduced

Last affected

ad0758a3c7d5c68ceb2b561cc099d5b0dcf84170

Introduced

Last affected

a314c586cd7a3ebb27029427654d0bea50db5452

Introduced

Last affected

cf744b214554060204275d22fad1dd92e8f61fa9

Introduced

Last affected

241a54afaa485f507682f43e4ca5ed8c36c85c22

Introduced

Last affected

7a09b9121bd499fd38d2167004089f0da782d68a

Introduced

Last affected

4807b162eabc6da5accf1391ddd4c35dc964f904

Introduced

Last affected

407df5847db1227bee188f0d81929351616da740

Introduced

Last affected

5ef5a23e8333efd927f110e0d35ee501d6f02031

Introduced

Last affected

e167463fc0836b6d90a444854ffcc8ac99aa9603

Introduced

Last affected

672ad736fd4844851e3a95aa6a725213b7d432e0

Introduced

Last affected

cf33e0be1b2b7de8d475d977c0bacfb80f5bd85c

Introduced

Last affected

16499ad6c4705e789849147884882d40cc56767a

Introduced

Last affected

ad0758a3c7d5c68ceb2b561cc099d5b0dcf84170

Introduced

Last affected

a314c586cd7a3ebb27029427654d0bea50db5452

Introduced

Last affected

cf744b214554060204275d22fad1dd92e8f61fa9

Introduced

Last affected

241a54afaa485f507682f43e4ca5ed8c36c85c22

Introduced

Last affected

7a09b9121bd499fd38d2167004089f0da782d68a

Introduced

Last affected

365b53739e47f81c0e8b55934b6d9f59ddb39cf7

Introduced

Last affected

e4ca27fe3f410af7eded09e0809d06066390ce0d

Introduced

Last affected

df508000718009a401a35af049c246997421bdba

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-b2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-b3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-b4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-b5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-b6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p10"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p11"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p12"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p13"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p14"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p15"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.0-p9"
        }
    ]
}

Affected versions

1.*

1.1.0beta17

v1.*

v1.1.0

v1.1.10

v1.1.10b1

v1.1.10b2

v1.1.11i1

v1.1.11i2

v1.1.11i3

v1.1.11i4

v1.1.12

v1.1.12b1

v1.1.12b2

v1.1.13i1

v1.1.13i2

v1.1.13i3

v1.1.2

v1.1.3

v1.1.3b1

v1.1.4

v1.1.5i0

v1.1.5i1

v1.1.5i2

v1.1.5i3

v1.1.6

v1.1.6b2

v1.1.6b3

v1.1.7i1

v1.1.7i2

v1.1.7i3

v1.1.7i4

v1.1.7i5

v1.1.8

v1.1.8b1

v1.1.8b2

v1.1.8b3

v1.1.9i1

v1.1.9i2

v1.1.9i3

v1.1.9i4

v1.1.9i5

v1.1.9i6

v1.1.9i7

v1.1.9i8

v1.1.9i9

v1.2.0b1

v1.2.0b2

v1.2.0b3

v1.2.0b4

v1.2.0b5

v1.2.0b6

v1.2.0p1

v1.2.0p2

v1.2.0p3

v1.2.1i1

v1.2.1i2

v1.2.1i3

v1.2.1i4

v1.2.1i5

v1.2.2b1

v1.2.3i1

v1.2.3i2

v1.2.3i3

v1.2.3i4

v1.2.3i5

v1.2.3i6

v1.2.3i7

v1.2.5i1

v1.2.5i2

v1.2.5i3

v1.2.5i4

v1.2.5i5

v1.2.5i6

v1.2.7i1

v1.2.7i2

v1.2.7i3

v1.4.0i1

v1.4.0i2

v1.4.0i3

v1.5.0i1

v1.5.0i2

v1.5.0i3

v1.6.0b1

v2.*

v2.0.0i1

v2.4.0

v2.4.0-rc1

v2.4.0b1-rc1

v2.4.0b2-rc1

v2.4.0b3

v2.4.0b3-rc1

v2.4.0b4

v2.4.0b4-rc1

v2.4.0b5

v2.4.0b5-rc1

v2.4.0b6

v2.4.0b6-rc1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58122.json"