Vulnerability Details CVE-2025-32917
Privilege escalation in jar_signature agent plugin in Checkmk versions <2.4.0b7 (beta), <2.3.0p32, <2.2.0p42, and 2.1.0p49 (EOL) allow user with write access to JAVA_HOME/bin directory to escalate privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.9%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2025-32917
-
cpe:2.3:a:checkmk:checkmk:2.1.0
-
cpe:2.3:a:checkmk:checkmk:2.2.0
-
cpe:2.3:a:checkmk:checkmk:2.3.0
-
cpe:2.3:a:checkmk:checkmk:2.4.0