[//]: # (werk v2)
# notification_rules: typo in field sort_order_for_bulk_notifications
key | value
---------- | ---
date | 2024-07-03T05:22:21+00:00
version | 2.4.0b1
class | fix
edition | cre
component | rest-api
level | 1
compatible | no
The REST-API endpoints previously had a typo in the field
'sort_order_for_bulk_notifications'. The second t was missing.
This werk now corrects this.
[//]: # (werk v2)
# Fix service discovery for hosts with more than 237 characters
key | value
---------- | ---
date | 2024-06-26T07:53:25+00:00
version | 2.4.0b1
class | fix
edition | cre
component | wato
level | 1
compatible | yes
Werk #16219 limited the length of hostnames to a maximum length of 253 characters.
Still, hostnames with a length greater 237 could lead to an error in the
service discovery like "[Errno 36] File name too long: ...".
This has been fixed and all service discovery background job directories will
be converted on update.
[//]: # (werk v2)
# Event Console fix regex match in rule text
key | value
---------- | ---
date | 2024-07-01T15:31:04+00:00
version | 2.4.0b1
class | fix
edition | cee
component | ec
level | 1
compatible | yes
Event console method compile_matching_value had a typo
which caused a valid regex to not match, because it was sent as a string
SUP-19224
Title: fix a privilege escalation vulnerability in the Checkmk Windows Agent
Class: security
Compatible: compat
Component: checks
Date: 1719843798
Edition: cre
Level: 2
Version: 2.1.0p45
This Werk fixes a privilege escalation vulnerability in the Checkmk Windows
Agent.
Prior to this Werk, it was possible for authenticated users on the monitored
Windows host to execute commands as administrator account that is used to run
the Agent, allowing them to elevate their privileges.
The reason for this issue were excessive write permissions on the
<code>ProgramData\checkmk\agent</code> directory.
Note that you must update Checkmk as well as the agent in order to apply this
fix.
This issue was found in a commissioned penetration test conducted by modzero
GmbH.
<em>Affected Versions</em>:
LI: 2.3.0
LI: 2.2.0
LI: 2.1.0
<em>Mitigations</em>:
If updating is not possible, you can manually remove write access for non-admin
users on the <code>ProgramData\checkmk\agent</code> folder.
To do this, navigate to the folder's property settings and make sure to verify
the special permissions and advanced permission settings in addition to the
basic permission settings.
<em>Vulnerability Management</em>:
We have rated the issue with a CVSS Score of 8.8 High (<code>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H</code>)
and assigned <code>CVE-2024-28827</code>.
Title: Fix Various CSRF Issues
Class: security
Compatible: compat
Component: wato
Date: 1718958734
Edition: cre
Level: 1
Version: 2.1.0p45
This Werk adds priviously missing CSRF-Token validation to various endpoints in WATO.
The lack of CSRF-Token validation could allow an attacker to perform actions on behalf of a user without their consent, by tricking the user into visiting clicking on a malicious link.
This vulnerability was identified during a commissioned penetration test conducted by PS Positive Security GmbH.
<em>Affected Versions</em>:
LI: 2.3.0
LI: 2.2.0
LI: 2.1.0
LI: 2.0.0 (EOL)
<em>Vulnerability Management</em>:
We have rated the issue with a CVSS Score of 8.8 High with the following CVSS vector: <code>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</code>.
and assigned CVE <code>CVE-2024-28828</code>.
Title: XSS in SQL check parameters
Class: security
Compatible: compat
Component: wato
Date: 1718618899
Edition: cre
Level: 1
Version: 2.1.0p45
Prior to this Werk an attacher could add HTML to one parameter of the <em>Check SQL database</em> rule which was executed on the overview page.
We found this vulnerability internally.
<strong>Affected Versions</strong>:
* 2.3.0
* 2.2.0
* 2.1.0
* 2.0.0 (probably older versions as well)
<strong>Indicators of Compromis</strong>:
The creation of such rules is logged in the audit log. You can therefore check the <code>wato_audit.log</code> either on the terminal or in the UI for entries that contain malicious HTML.
<strong>Vulnerability Management</strong>:
We have rated the issue with a CVSS Score of 6.5 (Medium) with the following CVSS vector: <code>CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L</code>
We assigned CVE-2024-6052 to this vulnerability.
<strong>Changes</strong>:
This Werk fixes the escaping.
Title: proxmox: Fix log parsing crash for Proxmox versions 3.2.4 and newer
Class: fix
Compatible: compat
Component: checks
Date: 1719585241
Edition: cre
Level: 1
Version: 2.2.0p29
The backup log format changed in Proxmox version 3.2.4 which resulted in a crash
in the Proxmox special agent.
The special agent can now handle both old and the new format of backup log messages.
Title: HW/SW Inventory: Fix missing joined service columns if a service is assigned to a cluster
Class: fix
Compatible: compat
Component: multisite
Date: 1719844378
Edition: cre
Level: 1
Version: 2.2.0p30
Werk 16999 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: Service check commands exclamation mark is no more escaped
Class: fix
Compatible: compat
Component: multisite
Date: 1717399158
Edition: cre
Level: 1
Version: 2.2.0p30
Previously instead of "!" the GUI displayed "!" when rendering a service check command.
This is fixed to rendering unescaped service check commands to the GUI.
------------------------------------<diff>-------------------------------------------
Title: Service check commands exclamation mark is no more escaped
Class: fix
Compatible: compat
Component: multisite
Date: 1717399158
Edition: cre
Level: 1
- Version: 2.2.0p29
? ^^
+ Version: 2.2.0p30
? ^^
Previously instead of "!" the GUI displayed "!" when rendering a service check command.
This is fixed to rendering unescaped service check commands to the GUI.
Title: Service check commands exclamation mark is no more escaped
Class: fix
Compatible: compat
Component: multisite
Date: 1717399158
Edition: cre
Level: 1
Version: 2.2.0p29
Previously instead of "!" the GUI displayed "!" when rendering a service check command.
This is fixed to rendering unescaped service check commands to the GUI.