CVSS 3.1 Score 8.2 of 10 (high)


Published Mar 22, 2024
CWE ID 272


CVE-2024-0638 is a vulnerability found in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and mk_oracle_crs. This vulnerability affects Checkmk versions before 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41, and 2.0.0 (End of Life). The vulnerability allows local users to escalate privileges, violating the principle of least privilege. The risk score for this vulnerability is 25, with a base severity rating of HIGH (8.2). The impact includes a high risk to integrity and confidentiality, with an attack vector being local and no user interaction required. It is important for organizations using affected versions of Checkmk to apply the necessary updates or patches to remediate this vulnerability as it poses a significant danger to their security posture.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-0638 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options