Werk #17010: XSS in SQL check parameters

Component Setup
Title XSS in SQL check parameters
Date Jun 17, 2024
Checkmk Version 2.4.0b1 2.3.0p10 2.2.0p29 2.1.0p45
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed
Affected Editions
2.4.0b1 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)
2.3.0p10 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)
2.2.0p29 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)
2.1.0p45 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)

Prior to this Werk an attacher could add HTML to one parameter of the Check SQL database rule which was executed on the overview page.

We found this vulnerability internally.

Affected Versions: LI: 2.3.0 LI: 2.2.0 LI: 2.1.0 LI: 2.0.0 (probably older versions as well)

Indicators of Compromis: The creation of such rules is logged in the audit log. You can therefore check the wato_audit.log either on the terminal or in the UI for entries that contain malicious HTML.

Vulnerability Management: We have rated the issue with a CVSS Score of 6.5 (Medium) with the following CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L We assigned CVE-2024-6052 to this vulnerability.

Changes: This Werk fixes the escaping.

To the list of all Werks