Please send security vulnerabilities found in openITCOCKPIT or software that is used by openITCOCKPIT to: security@openitcockpit.io.
Impact | CVE | Found by | ID | Vulnerability Summary |
---|---|---|---|---|
High | CVE-2023-36663 | hiu240900 | ITC-3017 | SQL injection: The sort endpoints of the API are vulnerable to SQL injection. |
Medium | CVE-2023-3218 | tuannq2299 | ITC-3014 | Race condition: Multiple users with the same username could be created. |
Impact | CVE | ID | Vulnerability Summary |
---|---|---|---|
High | CVE-2020-10789 | ITC-2321 | Code injection: The input of the embedded terminal is not properly escaped, which leads to remote code execution. |
High | CVE-2020-10788 | ITC-2322 | Static WebSocket key: The key used by the WebSocket server to prevent unauthenticated access is the same on all openITCOCKPIT installations. |
High | CVE-2020-10790 | ITC-2324 | Cross-site scripting: openITCOCKPIT grants access to unnecessary files in the webroot directory that could be affected by an XSS issue. |
High | CVE-2020-10792 | ITC-2325 | Ability to trick the server into running in development mode: By manipulating the Host header of the HTTP request it was possible to enable debug mode. This could lead to unwanted output of sensitive data. |
Medium | CVE-2020-10791 | ITC-2168 | Server-side request forgery: The Test Connection feature of the Grafana Module can now be completely disabled through the user role permission `testGrafanaConnection`. |
Impact | CVE | ID | Vulnerability Summary | Remediation Summary |
---|---|---|---|---|
High | CVE-2019-15491 | ITC-2166 | An authenticated openITCOCKPIT user could be lured by an attacker to a compromised website to create a valid account in openITCOCKPIT. | Upgrade to openITCOCKPIT 3.7.1 or above. |
High | CVE-2019-10227 | ITC-2167 | XSS vulnerability in the 404 Not Found page. | Upgrade to openITCOCKPIT 3.7.1 or above. |
High | CVE-2019-15490 | ITC-2164 | Everything passed to `command_line`, including macros like `$USER1$` and `$ARG1$`, will be executed by the monitoring engine. This is the default behavior of Nagios and Naemon. | Be careful which users you grant the permission to edit the command line. |
Medium | CVE-2019-15493 | ITC-2168 | Users with permissions to "Backup / Restore" could delete any files located at `/opt/openitc/`. | Upgrade to openITCOCKPIT 3.7.1 or above. |
Medium | CVE-2019-15494 | ITC-2169 | The detailed error output of the "Grafana Module" could be used by an attacker to collect information about other third-party web servers. | Upgrade to openITCOCKPIT 3.7.1 or above. |
Low | CVE-2019-15492 | ITC-2170 | | Upgrade to openITCOCKPIT 3.7.1 or above. |
Impact | CVE | ID | Vulnerability Summary | Remediation Summary |
---|---|---|---|---|
High | | ITC-1533 | Valid LDAP users could log in without a password. | Upgrade to openITCOCKPIT 3.2 or above. |