Checkmk werks level1

checkmk-werks-lvl1@lists.checkmk.com

1 participants
15873 discussions

[2.4.0] Checkmk Werk 17016 created: notification_rules: typo in field sort_order_for_bulk_notifications

by Checkmk werks level 1

[//]: # (werk v2) # notification_rules: typo in field sort_order_for_bulk_notifications key | value ---------- | --- date | 2024-07-03T05:22:21+00:00 version | 2.4.0b1 class | fix edition | cre component | rest-api level | 1 compatible | no The REST-API endpoints previously had a typo in the field 'sort_order_for_bulk_notifications'. The second t was missing. This werk now corrects this.

2 months, 2 weeks

[2.4.0] Checkmk Werk 17058 created: Fix service discovery for hosts with more than 237 characters

by Checkmk werks level 1

[//]: # (werk v2) # Fix service discovery for hosts with more than 237 characters key | value ---------- | --- date | 2024-06-26T07:53:25+00:00 version | 2.4.0b1 class | fix edition | cre component | wato level | 1 compatible | yes Werk #16219 limited the length of hostnames to a maximum length of 253 characters. Still, hostnames with a length greater 237 could lead to an error in the service discovery like "[Errno 36] File name too long: ...". This has been fixed and all service discovery background job directories will be converted on update.

2 months, 2 weeks

[2.4.0] Checkmk Werk 16533 created: Event Console fix regex match in rule text

by Checkmk werks level 1

[//]: # (werk v2) # Event Console fix regex match in rule text key | value ---------- | --- date | 2024-07-01T15:31:04+00:00 version | 2.4.0b1 class | fix edition | cee component | ec level | 1 compatible | yes Event console method compile_matching_value had a typo which caused a valid regex to not match, because it was sent as a string SUP-19224

2 months, 2 weeks

[2.1.0] Checkmk Werk 16845 created: fix a privilege escalation vulnerability in the Checkmk Windows Agent

by Checkmk werks level 1

Title: fix a privilege escalation vulnerability in the Checkmk Windows Agent Class: security Compatible: compat Component: checks Date: 1719843798 Edition: cre Level: 2 Version: 2.1.0p45 This Werk fixes a privilege escalation vulnerability in the Checkmk Windows Agent. Prior to this Werk, it was possible for authenticated users on the monitored Windows host to execute commands as administrator account that is used to run the Agent, allowing them to elevate their privileges. The reason for this issue were excessive write permissions on the <code>ProgramData\checkmk\agent</code> directory. Note that you must update Checkmk as well as the agent in order to apply this fix. This issue was found in a commissioned penetration test conducted by modzero GmbH. Affected Versions: LI: 2.3.0 LI: 2.2.0 LI: 2.1.0 Mitigations: If updating is not possible, you can manually remove write access for non-admin users on the <code>ProgramData\checkmk\agent</code> folder. To do this, navigate to the folder's property settings and make sure to verify the special permissions and advanced permission settings in addition to the basic permission settings. Vulnerability Management: We have rated the issue with a CVSS Score of 8.8 High (<code>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H</code>) and assigned <code>CVE-2024-28827</code>.

2 months, 3 weeks

[2.1.0] Checkmk Werk 17090 created: Fix Various CSRF Issues

by Checkmk werks level 1

Title: Fix Various CSRF Issues Class: security Compatible: compat Component: wato Date: 1718958734 Edition: cre Level: 1 Version: 2.1.0p45 This Werk adds priviously missing CSRF-Token validation to various endpoints in WATO. The lack of CSRF-Token validation could allow an attacker to perform actions on behalf of a user without their consent, by tricking the user into visiting clicking on a malicious link. This vulnerability was identified during a commissioned penetration test conducted by PS Positive Security GmbH. Affected Versions: LI: 2.3.0 LI: 2.2.0 LI: 2.1.0 LI: 2.0.0 (EOL) Vulnerability Management: We have rated the issue with a CVSS Score of 8.8 High with the following CVSS vector: <code>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</code>. and assigned CVE <code>CVE-2024-28828</code>.

2 months, 3 weeks

[2.1.0] Checkmk Werk 17010 created: XSS in SQL check parameters

by Checkmk werks level 1

Title: XSS in SQL check parameters Class: security Compatible: compat Component: wato Date: 1718618899 Edition: cre Level: 1 Version: 2.1.0p45 Prior to this Werk an attacher could add HTML to one parameter of the Check SQL database rule which was executed on the overview page. We found this vulnerability internally. Affected Versions: * 2.3.0 * 2.2.0 * 2.1.0 * 2.0.0 (probably older versions as well) Indicators of Compromis: The creation of such rules is logged in the audit log. You can therefore check the <code>wato_audit.log</code> either on the terminal or in the UI for entries that contain malicious HTML. Vulnerability Management: We have rated the issue with a CVSS Score of 6.5 (Medium) with the following CVSS vector: <code>CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L</code> We assigned CVE-2024-6052 to this vulnerability. Changes: This Werk fixes the escaping.

2 months, 3 weeks

[2.2.0] Checkmk Werk 16863 created: proxmox: Fix log parsing crash for Proxmox versions 3.2.4 and newer

by Checkmk werks level 1

Title: proxmox: Fix log parsing crash for Proxmox versions 3.2.4 and newer Class: fix Compatible: compat Component: checks Date: 1719585241 Edition: cre Level: 1 Version: 2.2.0p29 The backup log format changed in Proxmox version 3.2.4 which resulted in a crash in the Proxmox special agent. The special agent can now handle both old and the new format of backup log messages.

2 months, 3 weeks

[2.2.0] Checkmk Werk 16753 created: HW/SW Inventory: Fix missing joined service columns if a service is assigned to a cluster

by Checkmk werks level 1

Title: HW/SW Inventory: Fix missing joined service columns if a service is assigned to a cluster Class: fix Compatible: compat Component: multisite Date: 1719844378 Edition: cre Level: 1 Version: 2.2.0p30

2 months, 3 weeks

[2.2.0] Checkmk Werk 16999 adapted: Service check commands exclamation mark is no more escaped

by Checkmk werks level 1

Werk 16999 was adapted. The following is the new Werk, a diff is shown at the end of the message. Title: Service check commands exclamation mark is no more escaped Class: fix Compatible: compat Component: multisite Date: 1717399158 Edition: cre Level: 1 Version: 2.2.0p30 Previously instead of "!" the GUI displayed "!" when rendering a service check command. This is fixed to rendering unescaped service check commands to the GUI. ------------------------------------<diff>------------------------------------------- Title: Service check commands exclamation mark is no more escaped Class: fix Compatible: compat Component: multisite Date: 1717399158 Edition: cre Level: 1 - Version: 2.2.0p29 ? ^^ + Version: 2.2.0p30 ? ^^ Previously instead of "!" the GUI displayed "!" when rendering a service check command. This is fixed to rendering unescaped service check commands to the GUI.

2 months, 3 weeks

[2.2.0] Checkmk Werk 16999 created: Service check commands exclamation mark is no more escaped

by Checkmk werks level 1

Title: Service check commands exclamation mark is no more escaped Class: fix Compatible: compat Component: multisite Date: 1717399158 Edition: cre Level: 1 Version: 2.2.0p29 Previously instead of "!" the GUI displayed "!" when rendering a service check command. This is fixed to rendering unescaped service check commands to the GUI.

2 months, 3 weeks

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk werks level1