Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to fully take over affected servers.
Stefan Schiller, a SonarSource researcher, wrote in a technical analysis that “these vulnerabilities can be chained together by an unauthenticated, remote attacker to gain code execution on the server running Checkmk version 2.1.0p10 and lower.” Based on Nagios Core, Checkmk’s open source monitoring tool integrates with NagVis for the generation and visualization of topological maps of infrastructures, servers, ports, and processes.
Also Read: Five Key Open-Source Security Impediments and Quick Fixes
Over 2,000 clients use its Enterprise and Raw editions, among them Airbus, Adobe, NASA, Siemens, Vodafone, and the company tribe29 GmbH, based in Munich.
Read More: Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
