Ubuntu Security Notice 5527-1 - It was discovered that Checkmk incorrectly handled authentication. An attacker could possibly use this issue to cause a race condition leading to information disclosure. It was discovered that Checkmk incorrectly handled certain inputs. An attacker could use these cross-site scripting issues to inject arbitrary html or javascript code to obtain sensitive information including user information, session cookies and valid credentials.
45daf753e998edd792b4728e6f35f35c6493b1e6cc974ee1082da7f33c59b2dc
Check_mk versions 1.2.8p25 and below suffer from a save_users() race condition that leads to sensitive information disclosure.
3817f4097ba3c193b240667f3e9f94890b3c36bbafc096a89f647938a535aa59