Werk #16716: Mitigate timing-unsafe comparisons to prevent byte-by-byte brute forcing attack
Component | Agent bakery
Title | Mitigate timing-unsafe comparisons to prevent byte-by-byte brute forcing attack
Date | 25.06.2024
Level | Minor change
Class | Security fix
Compatibility | Compatible - no manual intervention required
Checkmk versions & editions |
A theoretical brute-force attack could be performed due to a timing-unsafe comparison of secrets. This fix changes the way secrets are verified in communication with the agent.
To aid automated scanning we assign a CVSS score of 0.0 (None) (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N).
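
The following is an added example, not Checkmk's code or its actual fix: it counts the bytes an early-exit comparison examines to show why its running time depends on how much of the secret matched, next to a constant-time variant. The function names and sample secrets are constructed for illustration, and using `hmac.compare_digest` is an assumption about the usual remedy in Python.

```python
from __future__ import annotations

import hmac


def naive_equal(a: bytes, b: bytes) -> tuple[bool, int]:
    """Early-exit comparison (the timing-unsafe pattern).

    Returns (result, bytes examined) so the data-dependent work is visible.
    """
    if len(a) != len(b):
        return False, 0
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        if x != y:
            return False, examined  # stops at the first mismatch
    return True, examined


def constant_time_equal(a: bytes, b: bytes) -> tuple[bool, int]:
    """Fold all differences into one value; every byte is always examined."""
    if len(a) != len(b):
        return False, 0
    diff = 0
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        diff |= x ^ y
    return diff == 0, examined


def verify_secret(presented: str, expected: str) -> bool:
    """Production-style check using the standard library's constant-time compare."""
    return hmac.compare_digest(presented.encode(), expected.encode())


# Constructed sample values, not real Checkmk secrets.
EXPECTED = b"s3cr3t-token-000"
WRONG_FIRST_BYTE = b"X3cr3t-token-000"
WRONG_LAST_BYTE = b"s3cr3t-token-00X"

if __name__ == "__main__":
    for candidate in (WRONG_FIRST_BYTE, WRONG_LAST_BYTE, EXPECTED):
        print(candidate, naive_equal(candidate, EXPECTED),
              constant_time_equal(candidate, EXPECTED))
```
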