
CVSS: 7.5 | EPSS: 0% | CPEs: 4 | EXPL: 0

19 Aug 2021 — Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions 2.5.0 through 2.13.0, ElasticsearchWriter, GelfWriter, InfluxdbWriter and Influxdb2Writer do not verify the server's certificate despite a certificate authority being specified. Icinga 2 instances which connect to any of the mentioned time series databases (TSDBs) using TLS over a spoofable infrastructure should immediately upgrade to version ... • https://github.com/Icinga/icinga2/releases/tag/v2.11.11 • CWE-295: Improper Certificate Validation •

CVSS: 8.8 | EPSS: 0% | CPEs: 3 | EXPL: 2

15 Jul 2021 — Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions prior to 2.11.10 and from version 2.12.0 through version 2.12.4, some of the Icinga 2 features that require credentials for external services expose those credentials through the API to authenticated API users with read permissions for the corresponding object types. IdoMysqlConnection and IdoPgsqlConnection (every released version) exposes th... • https://github.com/Icinga/icinga2/security/advisories/GHSA-wrpw-pmr8-qgj7 • CWE-202: Exposure of Sensitive Information Through Data Queries •

CVSS: 8.8 | EPSS: 0% | CPEs: 3 | EXPL: 1

15 Jul 2021 — Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From version 2.4.0 through version 2.12.4, a vulnerability exists that may allow privilege escalation for authenticated API users. With a read-only user's credentials, an attacker can view most attributes of all config objects including `ticket_salt` of `ApiListener`. This salt is enough to compute a ticket for every possible common name (CN). A ticket, th... • https://github.com/Icinga/icinga2/security/advisories/GHSA-98wp-jc6q-x5q5 • CWE-267: Privilege Defined With Unsafe Actions CWE-269: Improper Privilege Management •

CVSS: 6.5 | EPSS: 0% | CPEs: 2 | EXPL: 1

12 Jul 2021 — Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to unauthorized users exists between versions 2.0.0 and 2.8.2. Custom variables are user-defined keys and values on configuration objects in Icinga 2. These are commonly used to reference secrets in other configurations such as check commands to be able to authenticate with a service being checked. Icinga Web 2 displays these custom variables to logged in user... • https://github.com/Icinga/icingaweb2/releases/tag/v2.7.5 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3 | EPSS: 0% | CPEs: 2 | EXPL: 1

12 Jul 2021 — Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Between versions 2.3.0 and 2.8.2, the `doc` module of Icinga Web 2 allows viewing documentation directly in the UI. It must be enabled manually by an administrator and users need explicit access permission to use it. Then, by visiting a certain route, it is possible to gain access to arbitrary files readable by the web-server user. The issue has been fixed in the 2.9.0, 2.8.3, and 2.7.5 releases. • https://github.com/Icinga/icingaweb2/releases/tag/v2.7.5 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8 | EPSS: 0% | CPEs: 6 | EXPL: 1

12 Jun 2020 — An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will be followed and arbitrary files can be changed to mode 2750 by the unprivileged icinga2 user. • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00014.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 8.1 | EPSS: 0% | CPEs: 1 | EXPL: 0

27 Feb 2018 — An issue was discovered in Icinga 2.x through 2.8.1. The lack of a constant-time password comparison function can disclose the password to an attacker. • https://github.com/Icinga/icinga2/issues/4920 •

CVSS: 7.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

27 Feb 2018 — An issue was discovered in Icinga 2.x through 2.8.1. By editing the init.conf file, Icinga 2 can be run as root. Following this, the program can be used to run arbitrary code as root. This was fixed by no longer using init.conf to determine account information for any root-executed code (a larger issue than CVE-2017-16933). • https://github.com/Icinga/icinga2/pull/5850 •

CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

27 Feb 2018 — An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted (authenticated and unauthenticated) requests, an attacker can exhaust a lot of memory on the server side, triggering the OOM killer. • https://github.com/Icinga/icinga2/pull/6103 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

27 Feb 2018 — An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted messages, an attacker can cause a NULL pointer dereference, which can cause the product to crash. • https://github.com/Icinga/icinga2/pull/6104 • CWE-476: NULL Pointer Dereference •