Description
An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted (authenticated and unauthenticated) requests, an attacker can exhaust a lot of memory on the server side, triggering the OOM killer.
Affected Package
Related
{"id": "ALPINE:CVE-2018-6532", "vendorId": null, "type": "alpinelinux", "bulletinFamily": "unix", "title": "CVE-2018-6532", "description": "An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted (authenticated and unauthenticated) requests, an attacker can exhaust a lot of memory on the server side, triggering the OOM killer.", "published": "2018-02-27T19:29:00", "modified": "2018-03-23T14:56:00", "epss": [{"cve": "CVE-2018-6532", "epss": 0.00103, "percentile": 0.41189, "modified": "2023-06-23"}], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://security.alpinelinux.org/vuln/CVE-2018-6532", "reporter": "Alpine Linux Development Team", "references": [], "cvelist": ["CVE-2018-6532"], "immutableFields": [], "lastseen": "2023-06-23T15:27:24", "viewCount": 6, "enchantments": {"score": {"value": 6.9, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-6532"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-6532"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310113121"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-6532"]}]}, "vulnersScore": 6.9}, "_state": {"score": 1687534712, "dependencies": 1687540704}, "_internal": {"score_hash": "b4c5e0e787d5ea3eeec7b5173957c110"}, "affectedPackage": [{"OS": "Alpine", "OSVersion": "3.7-community", "packageFilename": "UNKNOWN", "arch": "noarch", "packageVersion": "2.8.2-r0", "operator": "lt", "packageName": "icinga2"}]}
{"cve": [{"lastseen": "2023-06-23T15:14:52", "description": "An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted (authenticated and unauthenticated) requests, an attacker can exhaust a lot of memory on the server side, triggering the OOM killer.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-27T19:29:00", "type": "cve", "title": "CVE-2018-6532", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6532"], "modified": "2018-03-23T14:56:00", "cpe": ["cpe:/a:icinga:icinga:2.8.0"], "id": "CVE-2018-6532", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6532", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:icinga:icinga:2.8.0:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2023-06-28T14:14:30", "description": "An issue was discovered in Icinga 2.x through 2.8.1. By sending specially\ncrafted (authenticated and unauthenticated) requests, an attacker can\nexhaust a lot of memory on the server side, triggering the OOM killer.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-27T00:00:00", "type": "ubuntucve", "title": "CVE-2018-6532", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6532"], "modified": "2018-02-27T00:00:00", "id": "UB:CVE-2018-6532", "href": "https://ubuntu.com/security/CVE-2018-6532", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2023-06-23T18:12:19", "description": "An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted (authenticated and unauthenticated) requests, an attacker can exhaust a lot of memory on the server side, triggering the OOM killer.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-27T19:29:00", "type": "debiancve", "title": "CVE-2018-6532", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6532"], "modified": "2018-02-27T19:29:00", "id": "DEBIANCVE:CVE-2018-6532", "href": "https://security-tracker.debian.org/tracker/CVE-2018-6532", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:32:35", "description": "Icinga2 is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-02T00:00:00", "type": "openvas", "title": "Icinga2 < 2.8.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16933", "CVE-2018-6535", "CVE-2018-6532", "CVE-2018-6536", "CVE-2018-6534", "CVE-2018-6533"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310113121", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113121", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_icinga2_mult_vuln.nasl 12120 2018-10-26 11:13:20Z mmartin $\n#\n# Icinga2 < 2.8.2 Multiple Vulnerabilities\n#\n# Authors:\n# Jan Philipp Schulte <jan.schulte@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, https://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif( description )\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113121\");\n script_version(\"$Revision: 12120 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 13:13:20 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-02 11:56:30 +0100 (Fri, 02 Mar 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2018-6532\", \"CVE-2018-6533\", \"CVE-2018-6534\", \"CVE-2018-6535\", \"CVE-2018-6536\", \"CVE-2017-16933\");\n\n script_name(\"Icinga2 < 2.8.2 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_icinga2_detect.nasl\");\n script_mandatory_keys(\"icinga2/detected\");\n\n script_tag(name:\"summary\", value:\"Icinga2 is prone to multiple vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"The script checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"impact\", value:\"Effects of successful exploitation range from password disclosure over Denial\n of Service to an attacker gaining complete control over the target system.\");\n script_tag(name:\"affected\", value:\"Icinga2 through version 2.8.1\");\n script_tag(name:\"solution\", value:\"Update to version 2.8.2 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://github.com/Icinga/icinga2/pull/5715\");\n script_xref(name:\"URL\", value:\"https://github.com/Icinga/icinga2/pull/5850\");\n script_xref(name:\"URL\", value:\"https://github.com/Icinga/icinga2/issues/5991\");\n script_xref(name:\"URL\", value:\"https://github.com/Icinga/icinga2/pull/6103\");\n script_xref(name:\"URL\", value:\"https://github.com/Icinga/icinga2/pull/6104\");\n script_xref(name:\"URL\", value:\"https://github.com/Icinga/icinga2/issues/5793\");\n script_xref(name:\"URL\", value:\"https://www.icinga.com/2018/03/22/icinga-2-8-2-released/\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:icinga:icinga2\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( ! port = get_app_port( cpe: CPE ) ) exit( 0 );\nif( !version = get_app_version( cpe: CPE, port: port ) ) exit( 0 );\n\nif( version_in_range( version: version, test_version: \"2.0.0\", test_version2: \"2.8.1\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"2.8.2\" );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
CVE-2018-6532
