Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log.

Related CVEs

CVE-2023-31207

Key Information

GHSA ID

GHSA-93fq-2c5r-cj4m

Published

May 2, 2023 9:30 AM

Last Modified

April 4, 2024 3:46 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 9, 2025 6:27 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.