CVE-2024-6747
published 2024-10-10CVE-2024-6747: Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 (EOL) allows attacker to get potentially sensitive data
PriorityP339high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.37%
28.9th percentile
Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 (EOL) allows attacker to get potentially sensitive data
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| checkmk | checkmk | — | — |
| checkmk | checkmk | — | — |
| checkmk | checkmk | — | — |
| checkmk | checkmk | >= 2.0.0 < 2.1.0 | 2.1.0 |
| checkmk_gmbh | checkmk | 2.0.0 – 2.0.0p39 | — |
| checkmk_gmbh | checkmk | >= 2.1.0 < 2.1.0p49 | 2.1.0p49 |
| checkmk_gmbh | checkmk | >= 2.2.0 < 2.2.0p36 | 2.2.0p36 |
| checkmk_gmbh | checkmk | >= 2.3.0 < 2.3.0p18 | 2.3.0p18 |
| mozilla | firefox | >= 0 < 125.0.3+build1-0ubuntu0.20.04.1 | 125.0.3+build1-0ubuntu0.20.04.1 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-53m6-g2mp-6mj7: Information leakage in mknotifyd in Checkmk before 2
ghsa_unreviewed·2024-10-10
CVE-2024-6747 [MEDIUM] CWE-200 GHSA-53m6-g2mp-6mj7: Information leakage in mknotifyd in Checkmk before 2
Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 (EOL) allows attacker to get potentially sensitive data
OSV
CVE-2024-6747: Information leakage in mknotifyd in Checkmk before 2
osv·2024-10-10·CVSS 7.5
CVE-2024-6747 [HIGH] CVE-2024-6747: Information leakage in mknotifyd in Checkmk before 2
Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 (EOL) allows attacker to get potentially sensitive data
OSV
firefox regressions
osv·2024-05-02·CVSS 3.7
CVE-2024-3852 firefox regressions
firefox regressions
USN-6747-1 fixed vulnerabilities in Firefox. The update introduced
several minor regressions. This update fixes the problem.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-3852,
CVE-2024-3864, CVE-2024-3865)
Bartek Nowotarski discovered that Firefox did not properly limit HTTP/2
CONTINUATION frames. An attacker could potentially exploit this issue to
cause a denial of service. (CVE-2024-3302)
Gary Kwong discovered that Firefox did not properly manage memory when
running garbage collection during realm initialization
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-10-10
Published