back to website

Werk #14873: Windows agent's ProgramData directory is accessible only with admins permissions

Component Checks & agents
Title Windows agent's ProgramData directory is accessible only with admins permissions
Date Oct 17, 2022
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed
Checkmk versions & editions
2.0.0p30 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)

Previous to this Werk every authenticated Windows user could read some (uncritical) data from the Windows agent. This was convenient to most users since one did not need to elevate privileges.

To prevent issues with sensitive data being accidentially written to logs we restrict the permission to read data of the Windows agent.

To our knowledge it was not possible to exploit this in any way.

We calculated the following CVSS score for this 0.0 (None): CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N

To the list of all Werks

The Checkmk logo (formerly known as Check_MK) is a trademark of Checkmk GmbH. ©2025 Checkmk GmbH. All rights reserved.

Join our hybrid Monitoring Community event from May 20-22 in Munich and learn more about the latest Checkmk features and our roadmap at the Checkmk Conference #11

Register now