We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions <2.4.0p6, <2.3.0p35, <2.2.0p44, and 2.1.0 (EOL) allows an authenticated user to inject arbitrary Livestatus commands.
Reserved 2025-04-14 | Published 2025-07-04 | Updated 2025-07-04 | Assigner CheckmkCWE-140: Improper Neutralization of Delimiters
PS Positive Security GmbH
Support options