CVE-2014-2331

Name of the Vulnerable Software and Affected Versions Check MK versions 1.2.2p2 through 1.2.3i5

Description The issue allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. This can be exploited by remote attackers.

Recommendations For versions 1.2.2p2, 1.2.2p3, and 1.2.3i5, consider restricting access to the rules.mk file in snapshots to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.