Branch: refs/heads/2.1.0
Home:
https://github.com/Checkmk/checkmk
Commit: 6fc4f3b341bae28d741edf172812ac204d2f78f5
https://github.com/Checkmk/checkmk/commit/6fc4f3b341bae28d741edf172812ac204…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2024-07-01 (Mon, 01 Jul 2024)
Changed paths:
A .werks/17010
M cmk/gui/valuespec.py
Log Message:
-----------
17010 SEC XSS in SQL check parameters
Prior to this Werk an attacker could add HTML to one parameter of the *Check SQL database*
rule, which was executed on the overview page.
We found this vulnerability internally.
**Affected Versions**:
* 2.3.0
* 2.2.0
* 2.1.0
* 2.0.0 (probably older versions as well)
**Indicators of Compromise**:
The creation of such rules is logged in the audit log. You can therefore check the
`wato_audit.log` either on the terminal or in the UI for entries that contain malicious
HTML.
**Vulnerability Management**:
We have rated the issue with a CVSS Score of 6.5 (Medium) with the following CVSS vector:
`CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L`
We assigned CVE-2024-6052 to this vulnerability.
**Changes**:
This Werk fixes the escaping.
CMK-17809
Change-Id: I8cf2d8218f1d6bb449beb6947d879b8a114e081a
Commit: a6104a4a2d431870634becabd186b8e98460397e
https://github.com/Checkmk/checkmk/commit/a6104a4a2d431870634becabd186b8e98…
Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com>
Date: 2024-07-02 (Tue, 02 Jul 2024)
Changed paths:
A .werks/17090
M cmk/gui/backup.py
M cmk/gui/key_mgmt.py
M cmk/gui/plugins/wato/bi_config.py
M cmk/gui/plugins/wato/utils/simple_modes.py
M cmk/gui/wato/mkeventd.py
M cmk/gui/wato/pages/audit_log.py
M cmk/gui/wato/pages/bulk_discovery.py
M cmk/gui/wato/pages/bulk_edit.py
M cmk/gui/wato/pages/bulk_import.py
M cmk/gui/wato/pages/diagnostics.py
M cmk/gui/wato/pages/folders.py
M cmk/gui/wato/pages/global_settings.py
M cmk/gui/wato/pages/groups.py
M cmk/gui/wato/pages/host_diagnose.py
M cmk/gui/wato/pages/host_rename.py
M cmk/gui/wato/pages/icons.py
M cmk/gui/wato/pages/ldap.py
M cmk/gui/wato/pages/notifications.py
M cmk/gui/wato/pages/parentscan.py
M cmk/gui/wato/pages/read_only.py
M cmk/gui/wato/pages/roles.py
M cmk/gui/wato/pages/rulesets.py
M cmk/gui/wato/pages/search.py
M cmk/gui/wato/pages/sites.py
M cmk/gui/wato/pages/tags.py
M cmk/gui/wato/pages/timeperiods.py
M cmk/gui/wato/pages/users.py
M web/htdocs/js/modules/forms.js
Log Message:
-----------
17090 SEC Fix Various CSRF Issues
This Werk adds previously missing CSRF-Token validation to various endpoints in WATO.
The lack of CSRF-Token validation could allow an attacker to perform actions on behalf of
a user without their consent, by tricking the user into clicking on a malicious
link.
This vulnerability was identified during a commissioned penetration test conducted by PS
Positive Security GmbH.
*Affected Versions*:
* 2.3.0
* 2.2.0
* 2.1.0
* 2.0.0 (EOL)
*Vulnerability Management*:
We have rated the issue with a CVSS Score of 8.8 (High) with the following CVSS vector:
`CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H`
and assigned CVE `CVE-2024-28828`.
Change-Id: Ib12128b873b7d06140e48fb66147e7a2599dd6f9
Commit: 646362ad319de61d69c3ea40599616137456c4cc
https://github.com/Checkmk/checkmk/commit/646362ad319de61d69c3ea40599616137…
Author: Sergey Kipnis <sergey.kipnis(a)checkmk.com>
Date: 2024-07-02 (Tue, 02 Jul 2024)
Changed paths:
A .werks/16845
M agents/wnx/src/common/wtools.cpp
M agents/wnx/src/engine/cfg.cpp
M agents/wnx/src/engine/cfg_details.h
M agents/wnx/src/engine/cma_core.cpp
M agents/wnx/src/engine/cma_core.h
M agents/wnx/watest/test-yaml.cpp
Log Message:
-----------
16845 SEC fix a privilege escalation vulnerability in the Checkmk Windows Agent
This Werk fixes a privilege escalation vulnerability in the Checkmk Windows
Agent.
Prior to this Werk, it was possible for authenticated users on the monitored
Windows host to execute commands as the administrator account that is used to run
the Agent, allowing them to elevate their privileges.
The reason for this issue was excessive write permissions on the
`ProgramData\checkmk\agent` directory.
Note that you must update Checkmk as well as the agent in order to apply this
fix.
This issue was found in a commissioned penetration test conducted by modzero
GmbH.
*Affected Versions*:
* 2.3.0
* 2.2.0
* 2.1.0
*Mitigations*:
If updating is not possible, you can manually remove write access for non-admin
users on the `ProgramData\checkmk\agent` folder.
To do this, navigate to the folder's property settings and make sure to verify
the special permissions and advanced permission settings in addition to the
basic permission settings.
*Vulnerability Management*:
We have rated the issue with a CVSS Score of 8.8 (High)
(`CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H`)
and assigned `CVE-2024-28827`.
Change-Id: Ib1209a61e89abaff520490a817a85f8840c94e45
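The manual check described in the mitigation above, as an added example that is not part of the Werk or of the Checkmk project: a PowerShell audit that enumerates every ACE on the agent folder and its subdirectories, including inherited and "special" (non-basic) rights, and lists those granting write-type access to principals outside an assumed administrative set. The install path in `$AgentDir` and the `$TrustedPrincipals` list are assumptions; add the agent's service account if it runs under a dedicated user.

```powershell
# Added example (not from the Werk or the Checkmk project): audit the ACL of the
# agent data directory for write access held by non-administrative principals,
# looking at the full ACE list rather than only the basic permission summary.
# Assumptions: default install location under %ProgramData% and the trusted
# principal list below (constructed for this example).
$AgentDir = Join-Path $env:ProgramData 'checkmk\agent'

$TrustedPrincipals = @(
    'BUILTIN\Administrators',
    'NT AUTHORITY\SYSTEM',
    'CREATOR OWNER'
)

# Rights that let a user create, change or delete content, or alter the ACL itself.
# Modify and FullControl are supersets of these bits, so they match as well.
$FsRights  = [System.Security.AccessControl.FileSystemRights]
$WriteMask = [int]($FsRights::Write -bor $FsRights::Delete -bor $FsRights::DeleteSubdirectoriesAndFiles)
$WriteMask = $WriteMask -bor [int]($FsRights::ChangePermissions -bor $FsRights::TakeOwnership)
# Generic rights (GENERIC_ALL / GENERIC_WRITE) show up on some inherited ACEs as raw
# numbers instead of enum names; they imply write access too.
$GenericWriteMask = 0x10000000 -bor 0x40000000

function Get-RiskyAgentAces {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($TrustedPrincipals -contains $ace.IdentityReference.Value) { continue }
        $rights = [int]$ace.FileSystemRights
        if ((($rights -band $WriteMask) -ne 0) -or (($rights -band $GenericWriteMask) -ne 0)) {
            [pscustomobject]@{
                Path      = $Path
                Identity  = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
                AppliesTo = "$($ace.InheritanceFlags) / $($ace.PropagationFlags)"
            }
        }
    }
}

# Check the folder itself and every subdirectory: an explicit ACE further down the
# tree is not visible from the top-level folder's basic permission view.
$paths = @($AgentDir) + (Get-ChildItem -LiteralPath $AgentDir -Recurse -Directory |
    ForEach-Object { $_.FullName })
$risky = $paths | ForEach-Object { Get-RiskyAgentAces -Path $_ }
if ($risky) { $risky | Format-Table -AutoSize } else { "No non-admin write access under $AgentDir" }
```

Run it from an elevated prompt; flagged entries marked `Inherited = True` have to be fixed at the parent folder or by disabling inheritance in the folder's advanced security settings before they can be removed.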
Compare:
https://github.com/Checkmk/checkmk/compare/41ea55fe138f...646362ad319d