back to website

Werk #9524: Use proper sessions

Component Firmware
Title Use proper sessions
Date Apr 6, 2023
Level Trivial Change
Class New Feature
Compatibility Compatible - no manual interaction needed
Appliance Version 1.6.4

Prior to this Werk the session management of webconf relied mostly on a signed cookie. Since webonf is a single a single user system this was no problem. Unfortunately this lead to the fact that a logout relied on the deletion of the session cookie. If this cookie was stolen there was no possibility to close the session.

With this Werk a proper session id is introduced and a reference is stored on the server side. This enables a proper logout.

Please note that this is a hardening measure and the session management prior to this Werk was not vulnerable.

To the list of all Werks

The Checkmk logo (formerly known as Check_MK) is a trademark of Checkmk GmbH. ©2025 Checkmk GmbH. All rights reserved.

Join our hybrid Monitoring Community event from May 20-22 in Munich and learn more about the latest Checkmk features and our roadmap at the Checkmk Conference #11

Register now