CVE-2024-38864

Published: Dec 19, 2024Modified: Aug 25, 2025

4.8

Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: security@checkmk.com (Secondary)

Description

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p23, < 2.2.0p38 and <= 2.1.0p49 (EOL) allows a local attacker to read sensitive data.

Affected (136)

Products: Checkmk: Checkmk

Checkmk

1 product

Checkmk

Configuration A

136 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Checkmk Checkmk	Before 2.1.0
Checkmk Checkmk	Version 2.1.0
Checkmk Checkmk	Version 2.1.0 b1
Checkmk Checkmk	Version 2.1.0 b2
Checkmk Checkmk	Version 2.1.0 b3
Checkmk Checkmk	Version 2.1.0 b4
Checkmk Checkmk	Version 2.1.0 b5
Checkmk Checkmk	Version 2.1.0 b6
Checkmk Checkmk	Version 2.1.0 b7
Checkmk Checkmk	Version 2.1.0 b8
Checkmk Checkmk	Version 2.1.0 b9
Checkmk Checkmk	Version 2.1.0 p10
Checkmk Checkmk	Version 2.1.0 p11
Checkmk Checkmk	Version 2.1.0 p12
Checkmk Checkmk	Version 2.1.0 p13
Checkmk Checkmk	Version 2.1.0 p14
Checkmk Checkmk	Version 2.1.0 p15
Checkmk Checkmk	Version 2.1.0 p16
Checkmk Checkmk	Version 2.1.0 p17
Checkmk Checkmk	Version 2.1.0 p18
Checkmk Checkmk	Version 2.1.0 p19
Checkmk Checkmk	Version 2.1.0 p1
Checkmk Checkmk	Version 2.1.0 p20
Checkmk Checkmk	Version 2.1.0 p21
Checkmk Checkmk	Version 2.1.0 p22
Checkmk Checkmk	Version 2.1.0 p23
Checkmk Checkmk	Version 2.1.0 p24
Checkmk Checkmk	Version 2.1.0 p25
Checkmk Checkmk	Version 2.1.0 p26
Checkmk Checkmk	Version 2.1.0 p27
Checkmk Checkmk	Version 2.1.0 p28
Checkmk Checkmk	Version 2.1.0 p29
Checkmk Checkmk	Version 2.1.0 p2
Checkmk Checkmk	Version 2.1.0 p30
Checkmk Checkmk	Version 2.1.0 p31
Checkmk Checkmk	Version 2.1.0 p32
Checkmk Checkmk	Version 2.1.0 p33
Checkmk Checkmk	Version 2.1.0 p34
Checkmk Checkmk	Version 2.1.0 p35
Checkmk Checkmk	Version 2.1.0 p36
Checkmk Checkmk	Version 2.1.0 p37
Checkmk Checkmk	Version 2.1.0 p38
Checkmk Checkmk	Version 2.1.0 p39
Checkmk Checkmk	Version 2.1.0 p3
Checkmk Checkmk	Version 2.1.0 p40
Checkmk Checkmk	Version 2.1.0 p41
Checkmk Checkmk	Version 2.1.0 p42
Checkmk Checkmk	Version 2.1.0 p43
Checkmk Checkmk	Version 2.1.0 p44
Checkmk Checkmk	Version 2.1.0 p45
Checkmk Checkmk	Version 2.1.0 p46
Checkmk Checkmk	Version 2.1.0 p47
Checkmk Checkmk	Version 2.1.0 p48
Checkmk Checkmk	Version 2.1.0 p49
Checkmk Checkmk	Version 2.1.0 p4
Checkmk Checkmk	Version 2.1.0 p5
Checkmk Checkmk	Version 2.1.0 p6
Checkmk Checkmk	Version 2.1.0 p7
Checkmk Checkmk	Version 2.1.0 p8
Checkmk Checkmk	Version 2.1.0 p9
Checkmk Checkmk	Version 2.2.0
Checkmk Checkmk	Version 2.2.0 b1
Checkmk Checkmk	Version 2.2.0 b2
Checkmk Checkmk	Version 2.2.0 b3
Checkmk Checkmk	Version 2.2.0 b4
Checkmk Checkmk	Version 2.2.0 b5
Checkmk Checkmk	Version 2.2.0 b6
Checkmk Checkmk	Version 2.2.0 b7
Checkmk Checkmk	Version 2.2.0 b8
Checkmk Checkmk	Version 2.2.0 i1
Checkmk Checkmk	Version 2.2.0 p10
Checkmk Checkmk	Version 2.2.0 p11
Checkmk Checkmk	Version 2.2.0 p12
Checkmk Checkmk	Version 2.2.0 p13
Checkmk Checkmk	Version 2.2.0 p14
Checkmk Checkmk	Version 2.2.0 p15
Checkmk Checkmk	Version 2.2.0 p16
Checkmk Checkmk	Version 2.2.0 p17
Checkmk Checkmk	Version 2.2.0 p18
Checkmk Checkmk	Version 2.2.0 p19
Checkmk Checkmk	Version 2.2.0 p1
Checkmk Checkmk	Version 2.2.0 p20
Checkmk Checkmk	Version 2.2.0 p21
Checkmk Checkmk	Version 2.2.0 p22
Checkmk Checkmk	Version 2.2.0 p23
Checkmk Checkmk	Version 2.2.0 p24
Checkmk Checkmk	Version 2.2.0 p25
Checkmk Checkmk	Version 2.2.0 p26
Checkmk Checkmk	Version 2.2.0 p27
Checkmk Checkmk	Version 2.2.0 p28
Checkmk Checkmk	Version 2.2.0 p29
Checkmk Checkmk	Version 2.2.0 p2
Checkmk Checkmk	Version 2.2.0 p30
Checkmk Checkmk	Version 2.2.0 p31
Checkmk Checkmk	Version 2.2.0 p32
Checkmk Checkmk	Version 2.2.0 p33
Checkmk Checkmk	Version 2.2.0 p34
Checkmk Checkmk	Version 2.2.0 p35
Checkmk Checkmk	Version 2.2.0 p36
Checkmk Checkmk	Version 2.2.0 p37
Checkmk Checkmk	Version 2.2.0 p3
Checkmk Checkmk	Version 2.2.0 p4
Checkmk Checkmk	Version 2.2.0 p5
Checkmk Checkmk	Version 2.2.0 p6
Checkmk Checkmk	Version 2.2.0 p7
Checkmk Checkmk	Version 2.2.0 p8
Checkmk Checkmk	Version 2.2.0 p9
Checkmk Checkmk	Version 2.3.0
Checkmk Checkmk	Version 2.3.0 b1
Checkmk Checkmk	Version 2.3.0 b2
Checkmk Checkmk	Version 2.3.0 b3
Checkmk Checkmk	Version 2.3.0 b4
Checkmk Checkmk	Version 2.3.0 b5
Checkmk Checkmk	Version 2.3.0 b6
Checkmk Checkmk	Version 2.3.0 p10
Checkmk Checkmk	Version 2.3.0 p11
Checkmk Checkmk	Version 2.3.0 p12
Checkmk Checkmk	Version 2.3.0 p13
Checkmk Checkmk	Version 2.3.0 p14
Checkmk Checkmk	Version 2.3.0 p15
Checkmk Checkmk	Version 2.3.0 p16
Checkmk Checkmk	Version 2.3.0 p17
Checkmk Checkmk	Version 2.3.0 p18
Checkmk Checkmk	Version 2.3.0 p19
Checkmk Checkmk	Version 2.3.0 p1
Checkmk Checkmk	Version 2.3.0 p20
Checkmk Checkmk	Version 2.3.0 p21
Checkmk Checkmk	Version 2.3.0 p22
Checkmk Checkmk	Version 2.3.0 p2
Checkmk Checkmk	Version 2.3.0 p3
Checkmk Checkmk	Version 2.3.0 p4
Checkmk Checkmk	Version 2.3.0 p5
Checkmk Checkmk	Version 2.3.0 p6
Checkmk Checkmk	Version 2.3.0 p7
Checkmk Checkmk	Version 2.3.0 p8
Checkmk Checkmk	Version 2.3.0 p9

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

CWE-732

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (1)

https://checkmk.com/werk/17098

Source: security@checkmk.com

Vendor Advisory

Timeline

No history available yet.