Vulnerabilities > Checkmk > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-04-24 | CVE-2024-28825 | Improper Restriction of Excessive Authentication Attempts vulnerability in Checkmk Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 (EOL) facilitates password brute-forcing. | 9.8 |
2023-02-20 | CVE-2022-48317 | Insufficient Session Expiration vulnerability in Checkmk 2.0.0/2.1.0 Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10 and Checkmk <= 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI. | 9.8 |