Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring server.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Shinken_monitoring | Shinken-monitoring | 2.4.3 (including) | 2.4.3 (including) |
Shinken | Ubuntu | trusty | * |
Shinken | Ubuntu | xenial | * |