Branch: refs/heads/2.0.0
Home:
https://github.com/tribe29/checkmk
Commit: a17d701c259fbe77f4e7cc0f549baa0773db06d9
https://github.com/tribe29/checkmk/commit/a17d701c259fbe77f4e7cc0f549baa077…
Author: Sergey Kipnis <sergey.kipnis(a)tribe29.com>
Date: 2022-10-17 (Mon, 17 Oct 2022)
Changed paths:
A .werks/14873
M agents/wnx/src/engine/cma_core.cpp
Log Message:
-----------
14873 SEC Windows agent's ProgramData directory is accessible only with admins
permissions
Previous to this Werk every authenticated Windows user could read some
(uncritical) data from the Windows agent. This was convenient to most
users since one did not need to elevate privileges.
To prevent issues with sensitive data being accidentially written to
logs we restrict the permission to read data of the Windows agent.
To our knowledge it was not possible to exploit this in any way.
We calculated the following CVSS score for this 0.0 (None):
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
Change-Id: I0a25b8d7c1a675f305f7da1c5298cac8f20791cf