Описание
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including icingaweb2 configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated.
Ссылки
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated.
Icinga Web 2 is an open source monitoring web interface, framework and ...
Уязвимость PHP фреймворка Icinga Web 2, позволяющая нарушителю выполнить произвольный код
EPSS
7.5 High
CVSS3
5 Medium
CVSS2