Home

Description

Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions <2.4.0p13, <2.3.0p38, <2.2.0p46, and 2.1.0 (EOL) may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs.

PUBLISHED Reserved 2025-04-14 | Published 2025-10-09 | Updated 2025-10-09 | Assigner Checkmk




LOW: 1.0CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Problem types

CWE-598: Use of GET Request Method With Sensitive Query Strings

Product status

Default status
unaffected

2.4.0 before 2.4.0p13
affected

2.3.0 before 2.3.0p38
affected

2.2.0 before 2.2.0p46
affected

2.1.0
affected

References

checkmk.com/werk/17105

cve.org (CVE-2025-32916)

nvd.nist.gov (CVE-2025-32916)

Download JSON