DEBIAN-CVE-2025-39665
- Source
- https://security-tracker.debian.org/tracker/CVE-2025-39665
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-39665.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2025-39665
- Upstream
- Published
- 2025-12-03T10:15:47.913Z
- Modified
- 2025-12-20T11:01:07.588897Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames.
- References
Affected packages
Debian:11 / nagvis
Package
- Name
- nagvis
- Purl
- pkg:deb/debian/nagvis?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:1.*
1:1.9.25-2
1:1.9.25-2+deb11u1
1:1.9.25-2+deb11u2
1:1.9.26-1~exp1
1:1.9.27-1~exp1
1:1.9.27-1
1:1.9.28-1
1:1.9.29-1
1:1.9.30-1
1:1.9.31-1
1:1.9.32-1
1:1.9.33-1
1:1.9.34-1
1:1.9.35-1~exp1
1:1.9.35-1
1:1.9.36-1
1:1.9.37-1
1:1.9.38-1
1:1.9.39-1
1:1.9.40-1
1:1.9.41-1
1:1.9.42-1
1:1.9.43-1
1:1.9.44-1
1:1.9.45-1
1:1.9.46-1
1:1.9.47-1~exp1
1:1.9.47-1
1:1.9.48-1
Debian:12 / nagvis
Package
- Name
- nagvis
- Purl
- pkg:deb/debian/nagvis?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:13 / nagvis
Package
- Name
- nagvis
- Purl
- pkg:deb/debian/nagvis?arch=source
Debian:14 / nagvis
Package
- Name
- nagvis
- Purl
- pkg:deb/debian/nagvis?arch=source