Werk #10885: check_sftp: Fix possible command injection from the WATO configuration

Component

Checks & agents

Title

check_sftp: Fix possible command injection from the WATO configuration

Date

Apr 9, 2020

Level

Trivial Change

Class

Security Fix

Compatibility

Compatible - no manual interaction needed

Checkmk versions & editions

1.6.0p12	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)

User which are permitted to configure the active check check_sftp via WATO could inject commands to Checkmk. These were executed on the Checkmk server the rule was applied on with the permissions of the Checkmk site user.

To the list of all Werks