CVE-2025-58126
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-28
Last updated on: 2025-09-23
Assigner: Checkmk GmbH
Description
Description
Improper Certificate Validation in Checkmk Exchange plugin VMware vSAN allows attackers in MitM position to intercept traffic.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tomtretbar | vmware_vsan | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper certificate validation issue in the Checkmk Exchange plugin for VMware vSAN. It allows attackers who are in a Man-in-the-Middle (MitM) position to intercept the traffic between the plugin and its communication endpoints.
How can this vulnerability impact me? :
The vulnerability can allow attackers to intercept and potentially manipulate sensitive data transmitted by the Checkmk Exchange plugin for VMware vSAN. This could lead to unauthorized access to information or disruption of services relying on this communication.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70