Nicolas Perraud

Researcher from Dailymotion
#25151 of 53,634
9.8 Total CVSS
Vulnerabilities · 1
PT-2022-23910
9.8
2022-10-20
Unknown · Shinken Monitoring · CVE-2022-37298
**Name of the Vulnerable Software and Affected Versions**

Shinken Monitoring version 2.4.3

**Description**

The issue is related to Incorrect Access Control. The `SafeUnpickler` class found in `shinken/safepickle.py` implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring server.

**Recommendations**

- For version 2.4.3, consider disabling the `SafeUnpickler` class until a patch is available to mitigate the risk of exploitation.
- Restrict access to the `shinken/safepickle.py` module to minimize the risk of unauthorized access.
- Avoid using the `SafeUnpickler` class for unserializing objects from monitoring nodes until the issue is resolved.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.