Today we proudly released openITCOCKPIT 3.7.3.
This release resolves several critical security vulnerabilities. Update your system as soon as possible!
Dejan Zelic from Offensive Security found and reported several critical security vulnerabilities in openITCOCKPIT.
The following issues are resolved by updating to openITCOCKPIT 3.7.3:
Impact | CVE | ID | Vulnerability Summary |
---|---|---|---|
High | CVE-2020-10789 | ITC-2321 | Code injection: the input of the embedded terminal was not properly escaped, which leads to remote code execution. |
High | CVE-2020-10788 | ITC-2322 | Static WebSocket key: the key used by the WebSocket server to prevent unauthenticated access was the same on all openITCOCKPIT installations. |
High | CVE-2020-10790 | ITC-2324 | Cross-site scripting: openITCOCKPIT granted access to unnecessary files in the webroot directory that could be affected by an XSS issue. |
High | CVE-2020-10792 | ITC-2325 | Ability to trick the server into running in development mode: by manipulating the Host header of an HTTP request it was possible to enable debug mode, which could lead to unwanted output of sensitive data. |
Medium | CVE-2020-10791 | ITC-2168 | Server-side request forgery via the Test Connection feature of the Grafana Module. The feature can now be completely disabled through the user role permission testGrafanaConnection. |
Many thanks to Dejan Zelic and Offensive Security for reporting these issues!
Have you discovered a security vulnerability in openITCOCKPIT? Please don't hesitate to contact us.
The embedded terminal was vulnerable to remote code execution. For this reason the terminal and all of its related code have been removed.
To keep your system safe, please generate a new WebSocket key by executing the following commands as the root user. The first command generates 80 random bytes as a hex string, the second stores it as the new key, and openitcockpit-update restarts the services so the new key takes effect.

```bash
# Generate a fresh random key (160 hex characters)
WEBSOCKET_KEY=$(php -r "echo bin2hex(openssl_random_pseudo_bytes(80, \$cstrong));")
# Replace the static key in the systemsettings table
mysql "--defaults-extra-file=/etc/openitcockpit/mysql.cnf" -e "UPDATE systemsettings SET \`systemsettings\`.\`value\`='${WEBSOCKET_KEY}' WHERE \`key\`='SUDO_SERVER.API_KEY';"
# Apply the change and restart the affected services
openitcockpit-update
```
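As an added example (not part of this announcement or of the openITCOCKPIT project's own code), the script below wraps the rotation above in a few checks that the bare commands do not give you: it generates the key from /dev/urandom instead of PHP's openssl_random_pseudo_bytes (an assumed equivalent, 80 random bytes as 160 hex characters), refuses to write anything that is not exactly a 160-character lowercase hex string, and reads the value back after the UPDATE so a failed or silently ignored statement cannot leave the old static key in place. The defaults file /etc/openitcockpit/mysql.cnf and the setting key SUDO_SERVER.API_KEY are taken from the commands above; the function names and the readback step are assumptions of this example.

```shell
#!/bin/sh
# Added example: rotate the openITCOCKPIT WebSocket key with sanity checks.
# Generation, validation and SQL construction are plain shell functions so
# they can be exercised without a database; rotate_websocket_key is the only
# step that needs root and a live MySQL. Function names are assumptions.
set -eu

MYSQL_CNF=/etc/openitcockpit/mysql.cnf   # defaults file from the original commands
SETTING_KEY='SUDO_SERVER.API_KEY'        # systemsettings.key that holds the WebSocket key
KEY_BYTES=80                             # same size as openssl_random_pseudo_bytes(80, ...)

# Emit KEY_BYTES random bytes from the kernel CSPRNG as lowercase hex.
# Assumed equivalent of the PHP one-liner in the announcement.
generate_websocket_key() {
    head -c "$KEY_BYTES" /dev/urandom | od -An -v -tx1 | tr -d ' \n'
}

# Succeed only for a key of exactly 2*KEY_BYTES lowercase hex characters.
# Empty strings, truncated output and stray characters are rejected so a
# broken generator can never be written into the database.
validate_websocket_key() {
    printf '%s' "$1" | grep -Eq "^[0-9a-f]{$((KEY_BYTES * 2))}$"
}

# Build the UPDATE statement. The key is validated first, so splicing it
# into the SQL string is safe (hex characters only, no quotes).
websocket_key_update_sql() {
    validate_websocket_key "$1" || return 1
    printf "UPDATE systemsettings SET \`systemsettings\`.\`value\`='%s' WHERE \`key\`='%s';" "$1" "$SETTING_KEY"
}

# Statement used to read the stored value back for verification.
websocket_key_select_sql() {
    printf "SELECT \`value\` FROM systemsettings WHERE \`key\`='%s';" "$SETTING_KEY"
}

# Full rotation: generate, validate, write, read back, compare. Run as root.
rotate_websocket_key() {
    key=$(generate_websocket_key)
    validate_websocket_key "$key" || { echo "generated key is malformed" >&2; return 1; }
    mysql "--defaults-extra-file=$MYSQL_CNF" -e "$(websocket_key_update_sql "$key")"
    stored=$(mysql "--defaults-extra-file=$MYSQL_CNF" -N -s -e "$(websocket_key_select_sql)")
    if [ "$stored" != "$key" ]; then
        echo "readback mismatch: database still holds a different key" >&2
        return 1
    fi
    echo "WebSocket key rotated; run openitcockpit-update to restart the services"
}

# Only touch the database when invoked as './rotate-ws-key.sh rotate', so the
# functions above can be sourced and tested without side effects.
if [ "${1:-}" = "rotate" ]; then
    rotate_websocket_key
fi
```

Run it as root with the argument rotate, then run openitcockpit-update as in the original procedure. The readback compares the stored value against the generated one byte for byte, so a typo in the defaults file, a permission problem, or an UPDATE that matched zero rows all surface as a non-zero exit instead of a system that still uses the shared key.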
In one of our previous articles we described in detail how to update an installation of openITCOCKPIT. If you are already familiar with our update process, you can update to the new version in three easy steps:

```bash
tmux
sudo apt-get update
sudo apt-get dist-upgrade
```
Your openITCOCKPIT Team!