CVE-2017-14955
Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a GUI crash report.
| Software | From | Fixed in |
|---|---|---|
| checkmk / checkmk | 1.2.3-i6 | 1.2.3-i6.x |
| checkmk / checkmk | 1.2.3-i7 | 1.2.3-i7.x |
| checkmk / checkmk | 1.2.4-b1 | 1.2.4-b1.x |
| checkmk / checkmk | 1.2.5-i1 | 1.2.5-i1.x |
| checkmk / checkmk | 1.2.5-i2 | 1.2.5-i2.x |
| checkmk / checkmk | 1.2.5-i3 | 1.2.5-i3.x |
| checkmk / checkmk | 1.2.5-i4 | 1.2.5-i4.x |
| checkmk / checkmk | 1.2.5-i5 | 1.2.5-i5.x |
| checkmk / checkmk | 1.2.5-i6 | 1.2.5-i6.x |
| checkmk / checkmk | 1.2.6-b1 | 1.2.6-b1.x |
| checkmk / checkmk | 1.2.8-p25 | 1.2.8-p25.x |
| checkmk / checkmk | 1.2.6-b2 | 1.2.6-b2.x |
| checkmk / checkmk | 1.2.6-p13 | 1.2.6-p13.x |
| checkmk / checkmk | 1.2.7-i1 | 1.2.7-i1.x |
| checkmk / checkmk | 1.2.7-i1p2 | 1.2.7-i1p2.x |
| checkmk / checkmk | 1.2.7-i2 | 1.2.7-i2.x |
| checkmk / checkmk | 1.2.7-i3 | 1.2.7-i3.x |
| checkmk / checkmk | 1.2.7-i4 | 1.2.7-i4.x |
| checkmk / checkmk | 1.2.8-p18 | 1.2.8-p18.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime