Icinga Web 2 Security Vulnerabilities and Issues — Icinga Web 2 CVE List

Lucene search

IcingaIcinga Web 2

3 matches found

CVE•added 2022/03/08 8:15 p.m.•152 views

CVE-2022-24716

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including icingaweb2 configuration files with database credentials. This issue has been resolved...

7.5CVSS7.3AI score0.93378EPSS

CVE•added 2022/03/08 8:15 p.m.•110 views

CVE-2022-24715

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, ...

8.8CVSS8.7AI score0.72512EPSS

CVE•added 2022/03/08 8:15 p.m.•104 views

CVE-2022-24714

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may stil...

5.3CVSS5.4AI score0.00317EPSS