Introduction
CVE-2023-6740 is a privilege escalation vulnerability identified in the jar_signature agent plugin of Checkmk versions prior to 2.2.0p18, 2.1.0p38, and 2.0.0p39. This flaw allows a local user to escalate their privileges, potentially gaining unauthorized access to sensitive system information or administrative control.
Technical Details:
The vulnerability arises from the jar_signature plugin's execution of the jarsigner binary with elevated privileges. A malicious local user with access to the system could replace the jarsigner binary with a malicious script placed in the JAVA_HOME directory. When the plugin executes this compromised binary, it runs with root privileges, thereby allowing the attacker to escalate their privileges to root.
Affected Versions:
- Checkmk versions before 2.2.0p18
- Checkmk versions before 2.1.0p38
- Checkmk versions before 2.0.0p39
Mitigation:
To address this vulnerability, Checkmk has updated the jar_signature plugin to execute the jarsigner binary as the oracle user instead of the root user, preventing the privilege escalation. Users are advised to update to the latest versions of Checkmk to incorporate this fix. If updating is not feasible, disabling the jar_signature plugin is recommended as a temporary mitigation measure.
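The following shell script is an added illustration, not code from the advisory or from Checkmk's own jar_signature plugin. It turns the two points above into something an administrator can run: `check_jarsigner_perms` tests the precondition the escalation depends on (a jarsigner binary, or the directory holding it, that a non-root user can replace), and `run_as_unprivileged` shows the pattern the fix adopts, executing the binary as a dedicated unprivileged account rather than as root. It assumes GNU `stat` and the util-linux `runuser` command; the `oracle` user name comes from the advisory, while the `JAVA_HOME/bin/jarsigner` layout and the `tmp` paths used in the self-test are constructed assumptions.

```shell
#!/bin/sh
# Added example (not Checkmk's plugin code). Assumes GNU coreutils stat and util-linux runuser.

# check_jarsigner_perms PATH
# Returns 0 when PATH is a regular file owned by root, is not group- or
# world-writable, and sits in a directory that is also root-owned and not
# group- or world-writable. Returns 1 otherwise: that is the weak state in
# which a plugin running PATH as root would execute whatever a local user
# dropped there.
check_jarsigner_perms() {
    bin=$1
    if [ ! -f "$bin" ]; then
        echo "WEAK: $bin is missing or not a regular file" >&2
        return 1
    fi
    dir=$(dirname "$bin")
    for p in "$bin" "$dir"; do
        owner=$(stat -c '%U' "$p" 2>/dev/null) || return 1
        if [ "$owner" != "root" ]; then
            echo "WEAK: $p is owned by $owner, not root" >&2
            return 1
        fi
        # -prune keeps find from descending into the directory; octal modes
        # 020 (group write) and 002 (other write) are the unsafe bits.
        if [ -n "$(find "$p" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "WEAK: $p is group- or world-writable" >&2
            return 1
        fi
    done
    return 0
}

# run_as_unprivileged USER COMMAND [ARGS...]
# The mitigation pattern: drop from root to USER before running COMMAND, so a
# replaced binary gains only USER's rights. Must itself be invoked as root.
run_as_unprivileged() {
    user=$1
    shift
    runuser -u "$user" -- "$@"
}

# Usage when run directly with a path argument, e.g.
#   sh check_jarsigner.sh "$JAVA_HOME/bin/jarsigner"
# (the path layout is an assumption; nothing runs when no argument is given).
if [ -n "${1:-}" ]; then
    if check_jarsigner_perms "$1"; then
        echo "OK: $1 is root-owned and not writable by other users"
        # The advisory's fix runs jarsigner as the oracle user; shown here, not executed.
        # run_as_unprivileged oracle "$1" -verify some.jar
    else
        exit 1
    fi
fi
```

On a patched host the check should pass for the real jarsigner path; a failure means either the binary or its directory can be rewritten by a non-root account, which is exactly what made the unpatched plugin exploitable, and disabling the plugin until the host is fixed is the safer choice.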
Severity:
Checkmk GmbH has assigned this vulnerability a CVSS score of 8.8 (High), with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.