USN-5527-1: Checkmk vulnerabilities
20 July 2022
Several security issues were fixed in Checkmk.
- check-mk - general purpose monitoring plugin for retrieving data
It was discovered that Checkmk incorrectly handled authentication. An attacker
could possibly use this issue to cause a race condition leading to information
It was discovered that Checkmk incorrectly handled certain inputs. An attacker
could use these cross-site scripting issues to inject arbitrary html or
session cookies and valid credentials. (CVE-2017-9781, CVE-2021-36563,
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.