Werk #14087: Fix privilege escalation vulnerability
|Component||Checks & agents|
|Title||Fix privilege escalation vulnerability|
|Date||May 12, 2022|
|Checkmk Editon||Checkmk Raw (CRE)|
|Checkmk Version||2.2.0i1 2.1.0b9 2.0.0p25 1.6.0p29|
|Compatibility||Compatible - no manual interaction needed|
Previously to this Werk an attacker who could become a site user could replace the sites bin/unixcat by a custom executable. The Checkmk agent would then run it as root.
With this Werk the agent now always calls one of the shipped unixcats below /omd/versions/.
All maintained versions (>=1.6) are subject to this vulnerability. It is likely that also previous versions were vulnerable.
To check against possible exploitation make sure that the sites directory ~MySite/bin points to /omd/versions/MySitesVersion/bin.
CVE will be added here later
We thank Jan-Philipp Litza (PLUTEX GmbH) for bringing this to our attention.