Detections
Analytics

Check_MK 1.2.4 < 1.2.4p4 / 1.2.5 < 1.2.5i4 Multiple Vulnerabilities

high Nessus Plugin ID 101087

Language:

Synopsis

An IT monitoring application running on the remote host is affected by multiple vulnerabilities.

Description

The version of Check_MK running on the remote web server is 1.2.4 prior to 1.2.4p4 or 1.2.5 prior to 1.2.5i4. It is, therefore, affected by multiple vulnerabilities :

 - Multiple cross-site script (XSS) vulnerabilities exist in the multisite component, specifically within the render_status_icons() function in file htmllib.py and the ajax_action() function in file actions.py, due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit these, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2014-5338)

 - A flaw exists related to row selections that allows an authenticated, remote attacker to write Check_MK configuration (.mk) files to arbitrary locations.
 (CVE-2014-5339)

 - A flaw exists in the wato component due to using the insecure Python pickel API calls. An unauthenticated, remote attacker can exploit this, via a specially crafted serialized object, to execute arbitrary code.
 (CVE-2014-5340)

Solution

Upgrade to Check_MK version 1.2.4p4 / 1.2.5i4 or later.

See Also

https://www.securityfocus.com/archive/1/archive/1/533180/100/0/threaded

Plugin Details

Severity: High

ID: 101087

File Name: check_mk_1_2_5_i4.nasl

Version: 2.5

Type: remote

Family: CGI abuses

Published: 6/28/2017

Updated: 11/28/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:check_mk_project:check_mk

Exploit Ease: No known exploits are available

Patch Publication Date: 8/20/2014

Vulnerability Publication Date: 5/27/2014

Reference Information

CVE: CVE-2014-5338, CVE-2014-5339, CVE-2014-5340

BID: 69309, 69310, 69312