Werk #13066: Fix path traversal vulnerability

Name: checkmk
Rating: 4.7 (114 reviews)

Component

Setup

Title

Fix path traversal vulnerability

Date

Jul 23, 2021

Level

Trivial Change

Class

Security Fix

Compatibility

Compatible - no manual interaction needed

Checkmk versions & editions

2.1.0b1	Checkmk Community, Checkmk Pro, Checkmk Ultimate MT
2.0.0p9	Checkmk Community, Checkmk Pro, Checkmk Ultimate MT
1.6.0p25	Checkmk Community, Checkmk Pro, Checkmk Ultimate MT

An authenticated user was able to enumerate the filesystem, accessible to the siteuser. No file contents were disclosed.