Werk #6615: Fixed unauthorized access to master control actions

Component User interface
Title Fixed unauthorized access to master control actions
Date Sep 14, 2018
Checkmk Edition Checkmk Raw (CRE)
Checkmk Version 1.4.0p36 1.5.0p5 1.6.0b1
Level Prominent Change
Class Security Fix
Compatibility Compatible - no manual interaction needed

As an authenticated guest user it was possible to gain unauthorized access to the master control snapin actions event if it is not possible to open the master control snapin. The vulnerability could be used to disable the complete monitoring or trigger other actions like disabling notifications.

To the list of all Werks