7 matches found
Security update for icingaweb2 (important)
openSUSE Security Update: Security update for icingaweb2 Announcement ID: openSUSE-SU-2022:0097-1 Rating: important References: 1196911 1196913 Cross-References: CVE-2022-24714 CVE-2022-24715 CVSS scores: CVE-2022-24714 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-24715 NVD : 8...
Security update for icingaweb2 (important)
openSUSE Security Update: Security update for icingaweb2 Announcement ID: openSUSE-SU-2022:0087-1 Rating: important References: 1196911 1196913 Cross-References: CVE-2022-24714 CVE-2022-24715 CVSS scores: CVE-2022-24714 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-24715 NVD : 8...
Vulnerabilities fixed in Icinga Web 2
Several vulnerabilities have been fixed in Icinga Web 2. The vulnerability with the attribute CVE-2022-24716 allows an unauthenticated malicious party to use a path-traversal to obtain to obtain files that may contain database credentials. The vulnerabilities with attributes CVE-2022-24714 and...
CVE-2022-24714
CVE-2022-24714 affects Icinga Web 2 installations with the IDO writer enabled. The vulnerability stems from using service custom variables in role restrictions, which can allow users with specific roles to access a collection of content, if those roles granted access to hosts via at least one ser...
CVE-2022-24714 Disclosure of hosts and related data, linked to decommissioned services in Icinga Web 2
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may...
CVE-2022-24714 Disclosure of hosts and related data, linked to decommissioned services in Icinga Web 2
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may...
CVE-2022-24714
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may...