Werk #14871: Windows agent's ProgramData directory is accessible only with admins permissions

Komponente Checks & agents
Titel Windows agent's ProgramData directory is accessible only with admins permissions
Datum 06.10.2022
Checkmk-Editon Checkmk Raw (CRE)
Checkmk-Version 2.2.0i1 2.1.0p15
Level Bedeutende Änderung
Klasse Sicherheitsfix
Kompatibilität Kompatibel - benötigt kein manuelles Eingreifen

Previous to this Werk every authenticated Windows user could read some sensitive data from the Windows agent working directory. To prevent issues with leaking sensitive data we restrict the permission to read data of the Windows agent.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N (https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Zur Liste aller Werks