Werk #6615: Fixed unauthorized access to master control actions
Komponente | User interface |
Titel | Fixed unauthorized access to master control actions |
Datum | 14.09.2018 |
Checkmk Edition | Checkmk Raw (CRE) |
Checkmk-Version | 1.4.0p36 1.5.0p5 1.6.0b1 |
Level | Bedeutende Änderung |
Klasse | Sicherheitsfix |
Kompatibilität | Kompatibel - benötigt kein manuelles Eingreifen |
As an authenticated guest user it was possible to gain unauthorized access to the master control snapin actions event if it is not possible to open the master control snapin. The vulnerability could be used to disable the complete monitoring or trigger other actions like disabling notifications.