CVE-2025-65000 (GCVE-0-2025-65000)
Vulnerability from cvelistv5 – Published: 2025-12-18 14:04 – Updated: 2025-12-18 15:28
VLAI?
Title
Exposure of SSH Private Keys in Remote Alert Handlers (Linux) Rule
Summary
SSH private keys of the "Remote alert handlers (Linux)" rule were exposed in the rule page's HTML source in Checkmk <= 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed.
Severity ?
CWE
- CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Checkmk GmbH | Checkmk |
Affected:
2.4.0 , < 2.4.0p18
(semver)
Affected: 2.3.0 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65000",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T15:28:17.768735Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T15:28:51.856Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.4.0p18",
"status": "affected",
"version": "2.4.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.0p18",
"versionStartIncluding": "2.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SSH private keys of the \"Remote alert handlers (Linux)\" rule were exposed in the rule page\u0027s HTML source in Checkmk \u003c= 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37: Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:L/SA:L",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-212",
"description": "CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T14:04:12.809Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Checkmk"
},
"references": [
{
"url": "https://checkmk.com/werk/19030"
}
],
"title": "Exposure of SSH Private Keys in Remote Alert Handlers (Linux) Rule",
"x_generator": {
"engine": "cvelib 1.8.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Checkmk",
"cveId": "CVE-2025-65000",
"datePublished": "2025-12-18T14:04:12.809Z",
"dateReserved": "2025-11-12T09:16:24.095Z",
"dateUpdated": "2025-12-18T15:28:51.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-65000\",\"sourceIdentifier\":\"security@checkmk.com\",\"published\":\"2025-12-18T14:15:59.947\",\"lastModified\":\"2025-12-23T17:04:50.833\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SSH private keys of the \\\"Remote alert handlers (Linux)\\\" rule were exposed in the rule page\u0027s HTML source in Checkmk \u003c= 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security@checkmk.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":2.3,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security@checkmk.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-212\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8447E2D1-A540-4D4D-A89B-71581EB5C47A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"83202950-840A-4CB7-AD96-CE62E84FABD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A020A77-7D84-4557-9B0B-D74A89BC1538\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9770554-978B-4552-9E0E-CD6B6675243C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*\",\"matchCriteriaId\":\"1883D2F4-CB96-4DDE-87E8-D1990A3FA092\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*\",\"matchCriteriaId\":\"99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F08FE580-67D4-419C-AE4A-3B9EBC6A2838\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DD5C67F-CD3E-400E-802D-8B52408A259F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"310A2FA2-633A-48FB-A5C2-9A9A922E72E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C0F1DC8-D9DF-4A7A-80DC-618FAB091375\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B0A1E3E-1B5A-4346-95BC-DE6FF6EE14CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB52B2A7-BDC1-4A4F-ABAF-69C1BA8E83C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F89225F-6969-4D89-B889-9CB09972825B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A1B23EA-4571-4E4E-80BC-FD76FFD83FFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"625A6998-5DAE-4538-9760-20523CCE501F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p16:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EFD4461-2C37-418F-90AD-3A956B2D91C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p17:*:*:*:*:*:*\",\"matchCriteriaId\":\"88523633-844C-41FE-ADF1-74D6AA2BCE6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p18:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA03E01-06D1-4E18-9C7B-CB6E49E5954B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p19:*:*:*:*:*:*\",\"matchCriteriaId\":\"91F171B6-7F9A-4B9B-B53D-277FE74124F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p20:*:*:*:*:*:*\",\"matchCriteriaId\":\"34FF7D09-2129-4266-BF71-5424DC9E18B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p21:*:*:*:*:*:*\",\"matchCriteriaId\":\"246F0BA5-F927-4204-97F3-51870072599F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p22:*:*:*:*:*:*\",\"matchCriteriaId\":\"86ED47B6-58FB-4BAC-9C87-F7BC08AB3870\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p23:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CFF173A-373B-4948-BD22-86C031B58E6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p24:*:*:*:*:*:*\",\"matchCriteriaId\":\"90648825-55F7-472A-944E-7E5C787FAFB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p25:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EE2BA6D-737A-4EEB-B8A2-91E9C61B70C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p26:*:*:*:*:*:*\",\"matchCriteriaId\":\"94FA8F05-267D-4B24-9AA3-A77FAD259310\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p27:*:*:*:*:*:*\",\"matchCriteriaId\":\"085B463B-633A-447A-B61C-99DD78B49A00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p28:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5DB112B-EE65-4BAB-AED8-716E618FD89C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p29:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD9EDBC8-A6A7-4348-8446-1D1DDDACDC51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B28A0C9D-072A-413C-8587-CD57CB918190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p30:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB0E10D1-2497-4CAE-ABA5-9F861C6A65DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p31:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E64A46A-A1E2-4272-A7B8-36140AF2B889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p32:*:*:*:*:*:*\",\"matchCriteriaId\":\"28568D2A-CA5B-42C2-8A32-FF783CB7A06F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p33:*:*:*:*:*:*\",\"matchCriteriaId\":\"F82F8827-B7B2-4C10-A42A-77781BC7B24B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p34:*:*:*:*:*:*\",\"matchCriteriaId\":\"F641BB83-8A0D-42D0-AB3E-7314918FDC9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p35:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCCE61D4-00B1-4D83-8FAE-8F2FA8F48E2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p36:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDB9628A-5A72-4DD5-9D4A-CBE13B0CFDF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p37:*:*:*:*:*:*\",\"matchCriteriaId\":\"E34FEBB1-0935-4363-B4FE-45901BFC9A5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p38:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C43DE3C-0098-4613-B2A4-39607A63CE42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p39:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F5F5665-C2A9-4877-B3F6-59059A1EEFF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF22D0A7-82B1-4598-B8C5-BDFE523D07F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p40:*:*:*:*:*:*\",\"matchCriteriaId\":\"7352D105-D045-427C-BA79-0B16D41139D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p41:*:*:*:*:*:*\",\"matchCriteriaId\":\"589909F7-D6E5-4B33-9735-2B97E0B37B87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"20035AFB-75B4-4164-9833-A2FCAE24B577\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BCBACEB-7130-455D-B4BE-243053C116DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"156384E2-E04B-4153-A91F-3F307C9FEAE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEC0ED95-F43B-46D7-9AA0-A0FB1C32EF1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"91C194C1-5292-4E2A-BB71-9C5CD3CE6194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"022C075A-4B04-4141-A7D7-F93C9A7CE0FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"60C00469-0CD1-4E9C-8370-CE113842056C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b2:*:*:*:*:*:*\",\"matchCriteriaId\":\"179905FC-821F-4214-A872-E4E3702419D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b3:*:*:*:*:*:*\",\"matchCriteriaId\":\"04956994-D5A8-45EE-9DC2-8A1D3058CE8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8868449B-7259-4C3B-8344-0EFE0BA3A97E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b5:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBDF3A13-582F-43D2-B42F-0DC42D4FBFBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b6:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAF500B3-AA6A-4618-BC7E-0F214B795E0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CFE68AB-1F57-497C-9229-29ED3A73D87F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"577F9F72-2FDA-4F87-A840-05158F2368B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F3AD894-660B-41FC-B910-899A764A00B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"21853BB4-1BB5-40E3-82E2-253899D898ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7963D66-A89A-4167-A2BA-DFF89B439EAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"42099281-2026-4507-A20B-C669C206ADB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"29A44B1E-83CD-4A3D-AFFD-82AAC7760293\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p16:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4B87192-D81E-4269-ABF3-8D700BB531B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p17:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D35CD46-F8CF-49C3-8CD9-53E1ED038023\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p18:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5B5649C-C0BA-4905-98DD-CA606DD2B886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B11306B4-1092-470C-BA87-DBD02A18A74B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"74F78C48-030A-48A1-B69E-04C4EA5CCC12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8701A914-774B-4E3B-A651-4A9FD19A187A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"19E40054-C44D-4C4C-B077-0333D8201E5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E2D2F49-32B2-42AA-B99E-7C39403CF104\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACE440F8-EBF5-4DBB-A215-57D770C66219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A94395D-DDCE-4977-89CA-46F71C3CA2B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"9513876C-8DF0-4A59-864F-8401BAA43376\"}]}]}],\"references\":[{\"url\":\"https://checkmk.com/werk/19030\",\"source\":\"security@checkmk.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-65000\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-18T15:28:17.768735Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-18T15:28:43.968Z\"}}], \"cna\": {\"title\": \"Exposure of SSH Private Keys in Remote Alert Handlers (Linux) Rule\", \"impacts\": [{\"capecId\": \"CAPEC-37\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-37: Retrieve Embedded Sensitive Data\"}]}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 2.3, \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:L/SA:L\"}}], \"affected\": [{\"vendor\": \"Checkmk GmbH\", \"product\": \"Checkmk\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.4.0\", \"lessThan\": \"2.4.0p18\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2.3.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://checkmk.com/werk/19030\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"SSH private keys of the \\\"Remote alert handlers (Linux)\\\" rule were exposed in the rule page\u0027s HTML source in Checkmk \u003c= 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-212\", \"description\": \"CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.4.0p18\", \"versionStartIncluding\": \"2.4.0\"}, {\"criteria\": \"cpe:2.3:a:checkmk:checkmk:2.3.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f7d6281c-4801-44ce-ace2-493291dedb0f\", \"shortName\": \"Checkmk\", \"dateUpdated\": \"2025-12-18T14:04:12.809Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-65000\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-18T15:28:51.856Z\", \"dateReserved\": \"2025-11-12T09:16:24.095Z\", \"assignerOrgId\": \"f7d6281c-4801-44ce-ace2-493291dedb0f\", \"datePublished\": \"2025-12-18T14:04:12.809Z\", \"assignerShortName\": \"Checkmk\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…