EPSS
Percentile
79.5%
Icinga is vulnerable to information disclosure. The vulnerability exists due to a lack of sanitization which expose certain credentials through the API to authenticated API users with read permissions for the corresponding object types.
github.com/Icinga/icinga2/security/advisories/GHSA-wrpw-pmr8-qgj7
icinga.com/blog/2021/07/15/releasing-icinga-2-12-5-and-2-11-10/
lists.debian.org/debian-lts-announce/2021/11/msg00010.html
security-tracker.debian.org/tracker/CVE-2021-32743