5 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-18246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via...
openSUSE: Security Advisory for icingaweb2 (openSUSE-SU-2020:0067_1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : icingaweb2 (openSUSE-2020-67)
This update for icingaweb2 to version 2.7.3 fixes the following issues : icingaweb2 update to 2.7.3 : - Fixed an issue where servicegroups for roles with filtered objects were not available icingaweb2 update to 2.7.2 : - Performance imrovements and bug fixes icingaweb2 update to 2.7.1 : - Highlig...
CVE-2018-18246
Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via /icingaweb2/config/moduleenable?name=setup to enable the setup module...
CVE-2018-18246
Icinga Web 2 prior to version 2.6.2 is vulnerable to CSRF via modules control endpoints: /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module and /icingaweb2/config/moduleenable?name=setup to enable the setup module. This can be exploited to alter module state without...