Headline
CVE-2021-40906: Infrastructure & Application Monitoring with Checkmk
CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts) or to steal the session cookies of a user who has previously authenticated via a man in the middle. Successful exploitation requires access to the web service resource without authentication.
checkmk
Everything monitored
Quickly gain a complete view of your IT infrastructure, no matter how complex.
Checkmk provides powerful monitoring of networks, servers, clouds, containers and applications. Fast. Effective.
Monitor your entire hybrid IT infrastructure
We maintain an incomparable collection of 1,800+ plug-ins.
See them all
Resolve issues faster
Dynamic dashboards
Flexible, real-time dashboards
Powerful visualizations
Interactive and dynamic visualization options
Infrastructure monitoring
Hosts and Services overviews that enable fast drill downs
Log and event monitoring
Efficient processing and analysis of logs
Availability and SLA reporting
Precise availability and SLA fulfillment reporting
Notifications and alerts
Advanced notification system with many integrations
Simple, flexible configuration
Modern, efficient and automatic configuration system
News
Introducing Checkmk 2.0
Checkmk 2.0 brings a completely new, intuitive user interface with simpler workflows, powerful features for network flow monitoring, and many new and updated features.
Learn more about Checkmk 2.0
Checkmk Conference #8
Tickets Still Available
The Checkmk Conference #8 is now bookable! Be fast and save your preferred workshop seat and conference ticket for 2022. Benefit from insightful talks and an on-site community experience back in Munich.
Yes, I want to attend!
Rapid deployment
From 0 to monitoring in <10 min
Fast installation from a single package, available for many platforms
Identification of more than 90% of devices and services via auto-discovery
Intelligent alarms with pre-set thresholds based on industry expertise
Unlimited scale
Hundreds of thousands of hosts
Highly efficient instances can monitor hundreds of thousands of services
Distributed architecture supports hundreds of instances
Minimal hardware requirements on server- and client-side
Powerful automation
Checkmk does the work for you
Auto-discovery, auto-configuration and automated agent updates
Automated monitoring for dynamic, ephemeral infrastructures
Powerful API enables integrations with other ITOM/ITSM systems
Our philosophy
With Checkmk, monitoring is just the beginning.
Our community actively shares monitoring knowledge and best practices from a diverse set of industries. We combine that expertise with our creativity to build the ideal solution for monitoring IT environments of all kinds.
We believe in a best-of-breed approach — you should always choose the right tool for your needs. That’s why we build strong integrations that allow you to use Checkmk to monitor everything that powers your business.
Checkmk is the best way to monitor your complex and hybrid IT infrastructure.