Lucene search
+L

12 matches found

OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.10 views

openSUSE Security Advisory (openSUSE-SU-2024:0372-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.02934EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.14 views

openSUSE 15 Security Update : icinga2 (openSUSE-SU-2024:0371-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0371-1 advisory. Update to 2.13.10: - CVE-2024-49369: Fix TLS certificate validation bypass bsc1233310. Tenable has extracted the preceding description block directly fro...

9.8CVSS7AI score0.02934EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.11 views

openSUSE 15 Security Update : icinga2 (openSUSE-SU-2024:0372-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0372-1 advisory. Update to 2.13.10: - CVE-2024-49369: Fix TLS certificate validation bypass bsc1233310. Tenable has extracted the preceding description block directly fro...

9.8CVSS7AI score0.02934EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2024/11/29 8:14 a.m.537 views

Exploit for CVE-2024-49369

CVE-2024-49369 Overview This vulnerability leverages the I...

9.8CVSS7.5AI score0.02934EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/11/22 12:0 a.m.14 views

openSUSE Security Advisory (openSUSE-SU-2024:0371-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.02934EPSS
Exploits1References3
OSV
OSV
added 2024/11/21 2:37 p.m.15 views

OPENSUSE-SU-2024:0372-1 Security update for icinga2

This update for icinga2 fixes the following issues: Update to 2.13.10: - CVE-2024-49369: Fix TLS certificate validation bypass bsc1233310...

9.8CVSS9.4AI score0.02934EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2024/11/15 12:0 a.m.6 views

icinga2-2.14.3-1.1 on GA media (moderate)

icinga2-2.14.3-1.1 on GA media Announcement ID: openSUSE-SU-2024:14493-1 Rating: moderate Cross-References: CVE-2024-49369 CVSS scores: CVE-2024-49369 SUSE : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2024-49369 SUSE : 10 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H...

10CVSS7.5AI score0.02934EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2024/11/14 12:23 a.m.4 views

SUSE CVE-2024-49369

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted clust...

9.8CVSS7.1AI score0.02934EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2024/11/12 5:15 p.m.12 views

CVE-2024-49369

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted clust...

9.8CVSS6.9AI score0.02934EPSS
Exploits1References9
Circl
Circl
added 2024/11/12 4:53 p.m.10 views

CVE-2024-49369

creationtimestamp| type| source ---|---|--- 2024-11-12 16:53:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113471023692988977 2024-11-12 18:53:52+00:00| seen| https://t.me/cvedetector/10668...

9.8CVSS6.8AI score0.02934EPSS
Exploits1References2
CVE
CVE
added 2024/11/12 4:44 p.m.114 views

CVE-2024-49369

CVE-2024-49369 affects Icinga2 TLS certificate validation from version 2.4.0, enabling impersonation of trusted cluster nodes or API users using client certificates. Fixed in Icinga 2.14.3, 2.13.10, 2.12.11, and 2.11.12. The connected Nessus/ALPINE entries confirm the vulnerability and the fix ve...

9.8CVSS9.5AI score0.02934EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2024/11/12 4:44 p.m.61 views

CVE-2024-49369 Icinga 2 has a TLS Certificate Validation Bypass for JSON-RPC and HTTP API Connections

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted clust...

9.8CVSS0.02934EPSS
Exploits1References7
Rows per page
Query Builder