Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-48057

Опубликовано: 27 мая 2025
Источник: debian
EPSS Низкий

Описание

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
icinga2fixed2.14.6-1package
icinga2ignoredbookwormpackage
icinga2ignoredbullseyepackage

Примечания

  • Fixed by: https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6

  • Fixed by: https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb (master)

  • Fixed by: https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f (v2.14.6)

  • Fixed by: https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776 (v2.13.12)

  • Fixed by: https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d (v2.12.12)

  • Fxied by: https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152 (v2.12.12)

EPSS

Процентиль: 10%
0.00037
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-48057

ubuntu
23 дня назад

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6.

nvd логотип

CVE-2025-48057

nvd
23 дня назад

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6.

EPSS

Процентиль: 10%
0.00037
Низкий