Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Checkmk passwords can be deleted by unauthorized users
CVE-2026-3103
Summary
Checkmk versions prior to 2.4.0p23, 2.3.0p43, and 2.2.0 are vulnerable to a security issue that allows a low-privileged user to delete passwords. This could lead to unauthorized access to sensitive areas of your system. Update to a fixed version to prevent this risk.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| checkmk | checkmk | 2.2.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.3.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
| checkmk | checkmk | 2.4.0 | – |
Original title
A logic error in the remove_password() function in Checkmk GmbH's Checkmk versions <2.4.0p23, <2.3.0p43, and 2.2.0 (EOL) allows a low-privileged user to cause data loss.
Original description
A logic error in the remove_password() function in Checkmk GmbH's Checkmk versions <2.4.0p23, <2.3.0p43, and 2.2.0 (EOL) allows a low-privileged user to cause data loss.
nvd CVSS3.1
5.4
nvd CVSS4.0
5.3
Vulnerability type
CWE-863
Incorrect Authorization
- https://checkmk.com/werk/19041 Mitigation Vendor Advisory
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026