CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts) or to steal the session cookies of a user who has previously authenticated via a man in the middle. Successful exploitation requires access to the web service resource without authentication.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "check-mk-agent", "binary_version": "1.2.8p16-1ubuntu0.2" }, { "binary_name": "check-mk-agent-logwatch", "binary_version": "1.2.8p16-1ubuntu0.2" }, { "binary_name": "check-mk-config-icinga", "binary_version": "1.2.8p16-1ubuntu0.2" }, { "binary_name": "check-mk-doc", "binary_version": "1.2.8p16-1ubuntu0.2" }, { "binary_name": "check-mk-livestatus", "binary_version": "1.2.8p16-1ubuntu0.2" }, { "binary_name": "check-mk-livestatus-dbgsym", "binary_version": "1.2.8p16-1ubuntu0.2" }, { "binary_name": "check-mk-multisite", "binary_version": "1.2.8p16-1ubuntu0.2" }, { "binary_name": "check-mk-server", "binary_version": "1.2.8p16-1ubuntu0.2" } ] }