Werk #6615: Fixed unauthorized access to master control actions

Komponente User interface
Titel Fixed unauthorized access to master control actions
Datum 14.09.2018
Checkmk Edition Checkmk Raw (CRE)
Checkmk-Version 1.4.0p36 1.5.0p5 1.6.0b1
Level Bedeutende Änderung
Klasse Sicherheitsfix
Kompatibilität Kompatibel - benötigt kein manuelles Eingreifen

As an authenticated guest user it was possible to gain unauthorized access to the master control snapin actions event if it is not possible to open the master control snapin. The vulnerability could be used to disable the complete monitoring or trigger other actions like disabling notifications.

Zur Liste aller Werks