Cyber Posture

CVE-2025-1075

High

Published: 19 February 2025
Modified: 25 August 2025
KEV Added: (no date listed)
Patch: available (see advisory below)
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0021 (43.8th percentile)
Risk Priority: 15 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Description

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p27, <2.2.0p40, and 2.1.0p51 (EOL) causes LDAP credentials to be written to the Apache error log file, which is accessible to administrators.

Security Summary

CVE-2025-1075, published on 2025-02-19, is an insertion of sensitive information into a log file vulnerability (CWE-532) affecting Checkmk GmbH's Checkmk monitoring software in versions prior to 2.3.0p27, prior to 2.2.0p40, and 2.1.0p51 (end-of-life). The issue causes the LDAP bind credentials configured for user synchronisation to be written to the Apache error log file, which is readable by administrators of the site. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), a high rating driven entirely by the confidentiality impact.

The vector models a network-reachable issue that needs no privileges and no user interaction, but the description itself narrows the practical exposure: the secret lands in a local log file, so whoever can read that file gets it. In practice that is the Checkmk administrators named in the description plus anything that collects the Apache error log (log forwarders, backups, support bundles). The damage is therefore disclosure of the LDAP bind account's password to a wider audience than intended, and because it sits in a log file the disclosure persists in archives and shipped copies after the software itself is patched.

Mitigation is addressed in the Checkmk advisory at https://checkmk.com/werk/17495. Fixed releases are 2.3.0p27 and 2.2.0p40; the 2.1.0 branch is end-of-life and receives no fix, so 2.1.0p51 installations should be upgraded to a supported branch. As with any credential that has reached a log, updating alone does not undo the exposure: rotate the bind password in the directory and in the Checkmk LDAP connection, then purge or redact the affected entries from the Apache error log and from every copy of it.
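The version check and the log triage below are an added example, not code from this page or from Checkmk. The affected-version rule is taken from the description above (fixed in 2.3.0p27 and 2.2.0p40, 2.1.0 end-of-life with no fix). The Apache error log lines are constructed for the example, and the key names it searches for (bind_pw, password and similar) are assumptions, since this page does not show the exact form of the leaked entry; adjust the pattern to what your own log actually contains.

```python
import re
from typing import List, Optional, Tuple

# Fixed patch levels named on this page, keyed by release branch.
FIXED_PATCH = {(2, 3, 0): 27, (2, 2, 0): 40}
# Branches the page lists as end-of-life: affected, and no fixed release exists.
EOL_BRANCHES = {(2, 1, 0)}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:p(\d+))?$")


def parse_version(version: str) -> Tuple[Tuple[int, int, int], int]:
    """Split a Checkmk version such as '2.3.0p26' into ((2, 3, 0), 26).
    A bare '2.3.0' with no patch level is treated as patch level 0."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Checkmk version: {version!r}")
    major, minor, micro, patch = m.groups()
    return (int(major), int(minor), int(micro)), int(patch or 0)


def is_affected(version: str) -> Optional[bool]:
    """True if the version is vulnerable per this advisory, False if fixed,
    None for a branch the advisory text reproduced here does not cover."""
    branch, patch = parse_version(version)
    if branch in EOL_BRANCHES:
        return True
    if branch in FIXED_PATCH:
        return patch < FIXED_PATCH[branch]
    return None


# Constructed sample of an Apache error log (not real Checkmk output). The second
# line stands in for the kind of entry that leaks the bind credentials.
SAMPLE_LOG = """\
[Wed Feb 19 10:01:02.123456 2025] [wsgi:error] [pid 1234] LDAP sync: connecting to ldaps://dc1.corp.example
[Wed Feb 19 10:01:02.654321 2025] [wsgi:error] [pid 1234] LDAP error: bind_dn='cn=checkmk,ou=svc,dc=corp,dc=example' bind_pw='S3cretBindPw!' server=dc1.corp.example
[Wed Feb 19 10:01:03.000000 2025] [wsgi:error] [pid 1234] user sync finished
"""

# key, separator, optional quote, value. Key names are assumed, not taken from Checkmk.
_SECRET_RE = re.compile(
    r"\b(bind_pw|bind_password|password|passwd)(\s*[:=]\s*)(['\"]?)([^'\"\s]+)\3",
    re.IGNORECASE,
)


def find_credential_leaks(log_text: str) -> List[Tuple[int, str, str]]:
    """Return (line number, key, value) for every credential-looking field,
    so an operator can confirm the exposure and decide what to rotate."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        for m in _SECRET_RE.finditer(line):
            hits.append((lineno, m.group(1), m.group(4)))
    return hits


def redact(log_text: str) -> str:
    """Replace every matched value with <REDACTED>, keeping key, separator and
    quoting intact so the surrounding entry still parses."""
    return _SECRET_RE.sub(
        lambda m: f"{m.group(1)}{m.group(2)}{m.group(3)}<REDACTED>{m.group(3)}",
        log_text,
    )


if __name__ == "__main__":
    for v in ("2.3.0p26", "2.3.0p27", "2.2.0p40", "2.1.0p51"):
        print(f"{v}: affected={is_affected(v)}")
    for lineno, key, value in find_credential_leaks(SAMPLE_LOG):
        print(f"line {lineno}: {key} exposed ({len(value)} chars)")
    print(redact(SAMPLE_LOG))
```

Run the scan against the real error log of each affected site (and against whatever has ingested it) before rotating the bind password, so the rotation covers every account that was logged; the redaction is for cleaning archives, not a substitute for rotation.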

Details

CWE(s)
CWE-532

Affected Products

Vendor: checkmk
Product: checkmk
Versions: 2.1.0, 2.2.0, 2.3.0 · ≤ 2.1.0

References

https://checkmk.com/werk/17495