Checkmk
cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*
- >= 2.4.0, < 2.4.0p13
- >= 2.3.0, < 2.3.0p38
- >= 2.2.0, < 2.2.0p46
- 2.1.0
A path traversal vulnerability has been identified in the report scheduler of Checkmk versions prior to 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 (EOL). This vulnerability allows authenticated attackers to manipulate the storage location of report file pairs, potentially overwriting existing files and disrupting site configurations. While the exploitation could lead to a denial-of-service condition by breaking an affected site's functionality, it does not allow an attacker to escape the confines of predefined fields within the generated report files.
Exploitation of this vulnerability can disrupt site functionality by overwriting configuration files with manipulated report data, leading to a denial-of-service condition on the affected site.
Users are advised to update to a version of Checkmk that is not vulnerable. If an immediate update is not possible, it is recommended to disable the 'Manage Own Scheduled Reports' and 'Manage All Scheduled Reports' roles for non-admin users. Additionally, conduct a manual review of all scheduled reports and remove any that contain directory information in the title.
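The workaround above asks for a manual review of scheduled-report titles and the fix is to stop titles from steering the storage location. The following is an added illustration, not Checkmk's own code: a review check that flags titles carrying directory information, and the containment check a hardened scheduler would perform before writing. The report directory and the sample titles are constructed placeholders.

```python
import re
from pathlib import Path

# Constructed sample of scheduled-report titles (not real Checkmk data). The
# second and third carry the kind of directory information the advisory tells
# reviewers to look for; the others are ordinary titles.
SAMPLE_TITLES = [
    "Weekly availability",
    "../../etc/config",
    "monthly/../../site_config",
    "Daily report 2024",
]

# Placeholder storage directory; the real per-site path is not given on the page.
REPORT_DIR = "/srv/reports_placeholder"

# A title counts as "containing directory information" if it has a path
# separator, is a bare dot-segment, or embeds a NUL byte. This is a conservative
# review rule, not Checkmk's own logic.
_DIRECTORY_HINT = re.compile(r"[\\/]|^\.\.?$|\x00")


def title_has_directory_info(title):
    """Review check: does this report title look like it carries path components?"""
    return bool(_DIRECTORY_HINT.search(title))


def path_escapes_base(base_dir, title):
    """True if naively joining `title` onto `base_dir` resolves outside `base_dir`.

    Resolving both sides and comparing parent directories is the containment
    check a hardened scheduler performs before it writes anything.
    """
    base = Path(base_dir).resolve()
    candidate = (base / title).resolve()
    return candidate != base and base not in candidate.parents


def safe_report_path(base_dir, title):
    """Derive a storage path from a title and confine it to base_dir.

    The title is first reduced to a filename-safe token; the containment check
    still runs, so a gap in the sanitiser cannot silently reintroduce traversal.
    """
    token = re.sub(r"[^A-Za-z0-9._-]+", "_", title).strip("._") or "report"
    if path_escapes_base(base_dir, token):
        raise ValueError(f"report path for {title!r} escapes {base_dir}")
    return Path(base_dir).resolve() / token


def titles_to_remove(titles):
    """Titles a reviewer should remove, following the advisory's workaround."""
    return [t for t in titles if title_has_directory_info(t)]
```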