12 matches found
openSUSE Security Advisory (openSUSE-SU-2024:0372-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : icinga2 (openSUSE-SU-2024:0371-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0371-1 advisory. Update to 2.13.10: - CVE-2024-49369: Fix TLS certificate validation bypass bsc1233310. Tenable has extracted the preceding description block directly fro...
openSUSE 15 Security Update : icinga2 (openSUSE-SU-2024:0372-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0372-1 advisory. Update to 2.13.10: - CVE-2024-49369: Fix TLS certificate validation bypass bsc1233310. Tenable has extracted the preceding description block directly fro...
Exploit for CVE-2024-49369
CVE-2024-49369 Overview This vulnerability leverages the I...
openSUSE Security Advisory (openSUSE-SU-2024:0371-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2024:0372-1 Security update for icinga2
This update for icinga2 fixes the following issues: Update to 2.13.10: - CVE-2024-49369: Fix TLS certificate validation bypass bsc1233310...
icinga2-2.14.3-1.1 on GA media (moderate)
icinga2-2.14.3-1.1 on GA media Announcement ID: openSUSE-SU-2024:14493-1 Rating: moderate Cross-References: CVE-2024-49369 CVSS scores: CVE-2024-49369 SUSE : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2024-49369 SUSE : 10 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H...
SUSE CVE-2024-49369
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted clust...
CVE-2024-49369
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted clust...
CVE-2024-49369
creationtimestamp| type| source ---|---|--- 2024-11-12 16:53:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113471023692988977 2024-11-12 18:53:52+00:00| seen| https://t.me/cvedetector/10668...
CVE-2024-49369
CVE-2024-49369 affects Icinga2 TLS certificate validation from version 2.4.0, enabling impersonation of trusted cluster nodes or API users using client certificates. Fixed in Icinga 2.14.3, 2.13.10, 2.12.11, and 2.11.12. The connected Nessus/ALPINE entries confirm the vulnerability and the fix ve...
CVE-2024-49369 Icinga 2 has a TLS Certificate Validation Bypass for JSON-RPC and HTTP API Connections
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted clust...