CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
9.4%
Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF)
Affected products:
All affected products, in any version, will be unaffected by this once icinga-php-library
is upgraded.
Version 0.10.1 will include a fix for this. It will be published as part of the icinga-php-library
v0.14.1 release.
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
9.4%