// For flags

CVE-2024-24820

Icinga Director configuration is susceptible to Cross-Site Request Forgery

Severity Score

8.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request forgery (CSRF). It enables attackers to perform changes in the monitoring environment managed by Icinga Director without the awareness of the victim. Users of the map module in version 1.x, should immediately upgrade to v2.0. The mentioned XSS vulnerabilities in Icinga Web are already fixed as well and upgrades to the most recent release of the 2.9, 2.10 or 2.11 branch must be performed if not done yet. Any later major release is also suitable. Icinga Director will receive minor updates to the 1.8, 1.9, 1.10 and 1.11 branches to remedy this issue. Upgrade immediately to a patched release. If that is not feasible, disable the director module for the time being.

Icinga Director es una herramienta manipulada para facilitar el manejo de la configuración de Icinga 2. Ninguno de los formularios de configuración de Icinga Director utilizados para manipular el entorno de monitoreo está protegido contra cross site request forgery (CSRF). Permite a los atacantes realizar cambios en el entorno de monitoreo administrado por Icinga Director sin el conocimiento de la víctima. Los usuarios del módulo de mapas en la versión 1.x deben actualizar inmediatamente a la versión 2.0. Las vulnerabilidades XSS mencionadas en Icinga Web también ya están solucionadas y se deben realizar actualizaciones a la versión más reciente de la rama 2.9, 2.10 o 2.11 si aún no se han hecho. Cualquier versión importante posterior también es adecuada. Icinga Director recibirá actualizaciones menores para las ramas 1.8, 1.9, 1.10 y 1.11 para solucionar este problema. Actualice inmediatamente a una versión parcheada. Si eso no es posible, desactive el módulo director por el momento.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
Low
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
Low
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2024-01-31 CVE Reserved
  • 2024-02-09 CVE Published
  • 2024-02-17 EPSS Updated
  • 2024-08-01 CVE Updated
  • 2024-08-01 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-352: Cross-Site Request Forgery (CSRF)
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
>= 1.0.0 < 1.8.2
Search vendor "Icinga" for product "Icinga" and version " >= 1.0.0 < 1.8.2"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
>= 1.9.0 < 1.9.2
Search vendor "Icinga" for product "Icinga" and version " >= 1.9.0 < 1.9.2"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
>= 1.10.0 < 1.10.3
Search vendor "Icinga" for product "Icinga" and version " >= 1.10.0 < 1.10.3"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
>= 1.11.0 < 1.11.3
Search vendor "Icinga" for product "Icinga" and version " >= 1.11.0 < 1.11.3"
-
Affected