Icinga Web 2 Security Vulnerabilities and Issues — Icinga Web 2 CVE List

Lucene search

IcingaIcinga Web 2

3 matches found

CVE•added 2020/08/19 3:15 p.m.•166 views

CVE-2020-24368

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2.

7.5CVSS7.2AI score0.01751EPSS

CVE•added 2022/03/08 8:15 p.m.•152 views

CVE-2022-24716

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including icingaweb2 configuration files with database credentials. This issue has been resolved...

7.5CVSS7.3AI score0.93378EPSS

CVE•added 2018/12/17 3:29 p.m.•107 views

CVE-2018-18250

Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item.

7.5CVSS7.8AI score0.00238EPSS