Lisa Gnedt

**Name of the Vulnerable Software and Affected Versions** Checkmk versions prior to 2.4.0p23 Checkmk versions prior to 2.3.0p45 Checkmk version 2.2.0 **Description** Exposure of the session signing secret allows an administrator of a remote site with config sync enabled to hijack sessions on the central site by forging session cookies. **Recommendations** Update to version 2.4.0p23 or later. Update to version 2.3.0p45 or later. Update to a version newer than 2.2.0.

**Name of the Vulnerable Software and Affected Versions** LibreChat version 0.8.1-rc2 **Description** LibreChat version 0.8.1-rc2 utilizes the same JWT secret for both the user session mechanism and the RAG API, which compromises the service-level authentication of the RAG API. This shared secret creates a security issue where authentication for the RAG API is vulnerable due to the reuse of the JWT secret. The RAG API is an endpoint used for Retrieval-Augmented Generation, a technique used to enhance the capabilities of large language models. JWT (JSON Web Token) is a standard for securely transmitting information between parties as a JSON object. **Recommendations** Update to a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LibreChat version 0.8.1-rc2 **Description** A logged-in user can obtain a JWT (JSON Web Token) for both the LibreChat API and the RAG API. This allows access to both APIs with the user's credentials. The JWT token can be abused. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Checkmk versions 2.3.0 through 2.3.0p43 Checkmk versions 2.4.0 through 2.4.0p22 **Description** The software contains a flaw due to improper neutralization of input. An attacker who can manipulate a host's check output can inject malicious JavaScript into the Synthetic Monitoring HTML logs. This injected code can then be accessed through a specially crafted phishing link. **Recommendations** Update Checkmk to version 2.3.0p43 or later. Update Checkmk to version 2.4.0p22 or later.

**Name of the Vulnerable Software and Affected Versions** Checkmk versions prior to 2.4.0p14 Checkmk versions prior to 2.3.0p39 Checkmk versions 2.2.0 Checkmk version 2.1.0 **Description** A Cross-Site Scripting (XSS) issue exists in Checkmk's distributed monitoring functionality. A compromised remote site can inject malicious HTML code into service outputs on the central site. This allows for potential JavaScript injection and Remote Code Execution (RCE) in distributed setups. **Recommendations** Versions prior to 2.4.0p14 should be updated. Versions prior to 2.3.0p39 should be updated. For version 2.2.0, consider disabling “Trust this site completely”. For version 2.1.0, consider disabling “Trust this site completely”.

**Name of the Vulnerable Software and Affected Versions** Checkmk versions 2.1.0 Checkmk versions 2.2.0 through 2.2.0p45 Checkmk versions 2.3.0 through 2.3.0p37 Checkmk versions 2.4.0 through 2.4.0p12 **Description** The Windows License plugin for the Checkmk Windows Agent contains a flaw related to the use of an insecure temporary directory, which can lead to privilege escalation. **Recommendations** Update to version 2.2.0p46 or later. Update to version 2.3.0p38 or later. Update to version 2.4.0p13 or later.

**Name of the Vulnerable Software and Affected Versions** Checkmk versions prior to 2.4.0p13 Checkmk versions prior to 2.3.0p38 Checkmk versions prior to 2.2.0p46 Checkmk version 2.1.0 **Description** A flaw exists in the report scheduler of Checkmk that allows authenticated attackers to define the storage location of report file pairs outside of the intended root directory due to insufficient escaping. This could allow for unauthorized file access or modification. **Recommendations** Update Checkmk to version 2.4.0p13 or later. Update Checkmk to version 2.3.0p38 or later. Update Checkmk to version 2.2.0p46 or later. Do not use Checkmk version 2.1.0 as it is end-of-life.