Lucene search
K

7 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2022/03/31 12:0 a.m.50 views

Security update for icingaweb2 (important)

openSUSE Security Update: Security update for icingaweb2 Announcement ID: openSUSE-SU-2022:0097-1 Rating: important References: 1196911 1196913 Cross-References: CVE-2022-24714 CVE-2022-24715 CVSS scores: CVE-2022-24714 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-24715 NVD : 8...

7.2CVSS7.1AI score0.1467EPSS
Exploits5References2
OPENSUSE Linux
OPENSUSE Linux
added 2022/03/21 12:0 a.m.66 views

Security update for icingaweb2 (important)

openSUSE Security Update: Security update for icingaweb2 Announcement ID: openSUSE-SU-2022:0087-1 Rating: important References: 1196911 1196913 Cross-References: CVE-2022-24714 CVE-2022-24715 CVSS scores: CVE-2022-24714 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-24715 NVD : 8...

7.2CVSS7.1AI score0.1467EPSS
Exploits5References2
NCSC
NCSC
added 2022/03/09 12:0 a.m.8 views

Vulnerabilities fixed in Icinga Web 2

Several vulnerabilities have been fixed in Icinga Web 2. The vulnerability with the attribute CVE-2022-24716 allows an unauthenticated malicious party to use a path-traversal to obtain to obtain files that may contain database credentials. The vulnerabilities with attributes CVE-2022-24714 and...

8.8CVSS6.8AI score0.89378EPSS
Exploits13
CVE
CVE
added 2022/03/08 7:55 p.m.124 views

CVE-2022-24714

CVE-2022-24714 affects Icinga Web 2 installations with the IDO writer enabled. The vulnerability stems from using service custom variables in role restrictions, which can allow users with specific roles to access a collection of content, if those roles granted access to hosts via at least one ser...

5.3CVSS5.4AI score0.01208EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/03/08 7:55 p.m.4 views

CVE-2022-24714 Disclosure of hosts and related data, linked to decommissioned services in Icinga Web 2

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may...

5.3CVSS5.1AI score0.01208EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/03/08 7:55 p.m.34 views

CVE-2022-24714 Disclosure of hosts and related data, linked to decommissioned services in Icinga Web 2

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may...

5.3CVSS6.9AI score0.01208EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2022/03/08 7:55 p.m.43 views

CVE-2022-24714

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may...

5.3CVSS5AI score0.01208EPSS
Exploits0
Rows per page
Query Builder