Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-40905: Infrastructure & Application Monitoring with Checkmk

** DISPUTED ** The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of “.mkp” files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session of a user with administrator role. NOTE: the vendor states that this is the intended behavior: admins are supposed to be able to execute code in this manner.

CVE
#web#kubernetes#intel#rce#perl

checkmk
Everything monitored

Quickly gain a complete view of your IT infrastructure, no matter how complex.

Checkmk provides powerful monitoring of networks, servers, clouds, containers and applications. Fast. Effective.

Monitor your entire hybrid IT infrastructure

We maintain an incomparable collection of 2,000+ plug-ins.
See them all

Resolve issues faster

Dynamic dashboards

Flexible, real-time dashboards

Powerful visualizations

Interactive and dynamic visualization options

Infrastructure monitoring

Hosts and Services overviews that enable fast drill downs

Log and event monitoring

Efficient processing and analysis of logs

Availability and SLA reporting

Precise availability and SLA fulfillment reporting

Notifications and alerts

Advanced notification system with many integrations

Simple, flexible configuration

Modern, efficient and automatic configuration system

  • News

    Introducing Checkmk 2.1

    Best of both worlds. For sure.

    With the all-new Checkmk 2.1, we are laying the foundation for hybrid IT infrastructure monitoring at its best. It comes with a revamped Kubernetes monitoring, more integrations for your open observability ecosystem, better performance, and many more.

    Learn more about Checkmk 2.1

Rapid deployment

From 0 to monitoring in <10 min

Fast installation from a single package, available for many platforms

Identification of more than 90% of devices and services via auto-discovery

Intelligent alarms with pre-set thresholds based on industry expertise

Unlimited scale

Hundreds of thousands of hosts

Highly efficient instances can monitor hundreds of thousands of services

Distributed architecture supports hundreds of instances

Minimal hardware requirements on server- and client-side

Powerful automation

Checkmk does the work for you

Auto-discovery, auto-configuration and automated agent updates

Automated monitoring for dynamic, ephemeral infrastructures

Powerful API enables integrations with other ITOM/ITSM systems

Our philosophy

With Checkmk, monitoring is just the beginning.

Our community actively shares monitoring knowledge and best practices from a diverse set of industries. We combine that expertise with our creativity to build the ideal solution for monitoring IT environments of all kinds.

We believe in a best-of-breed approach — you should always choose the right tool for your needs. That’s why we build strong integrations that allow you to use Checkmk to monitor everything that powers your business.

Checkmk is the best way to monitor your complex and hybrid IT infrastructure.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907