Werk #10885: check_sftp: Fix possible command injection from the WATO configuration
Component | Checks & agents |
Title | check_sftp: Fix possible command injection from the WATO configuration |
Date | Apr 9, 2020 |
Checkmk Edition | Checkmk Raw (CRE) |
Checkmk Version | 1.6.0p12 |
Level | Trivial Change |
Class | Security Fix |
Compatibility | Compatible - no manual interaction needed |
User which are permitted to configure the active check check_sftp via WATO could inject commands to Checkmk. These were executed on the Checkmk server the rule was applied on with the permissions of the Checkmk site user.