Werk #6615: Fixed unauthorized access to master control actions
| Component | User interface | ||||||
| Title | Fixed unauthorized access to master control actions | ||||||
| Date | Sep 14, 2018 | ||||||
| Level | Prominent Change | ||||||
| Class | Security Fix | ||||||
| Compatibility | Compatible - no manual interaction needed | ||||||
| Checkmk versions & editions |
|
As an authenticated guest user it was possible to gain unauthorized access to the master control snapin actions event if it is not possible to open the master control snapin. The vulnerability could be used to disable the complete monitoring or trigger other actions like disabling notifications.