Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    106 vulnerabilities by icinga

    CVE-2026-42224 (GCVE-0-2026-42224)

    Vulnerability from nvd – Published: 2026-05-08 22:02 – Updated: 2026-06-09 10:44
    VLAI
    Title
    ipl/web is vulnerable to reflected XSS by malformed search requests
    Summary
    ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may have no immediate chance to notice any wrongdoing. This issue has been patched in versions 0.13.1 and 0.10.3.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Icinga ipl-web Affected: >= 0.11.0, < 0.13.1
    Affected: < 0.10.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42224",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-11T15:58:24.417193Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-11T15:58:31.300Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ipl-web",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.11.0, \u003c 0.13.1"
                },
                {
                  "status": "affected",
                  "version": "\u003c 0.10.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim\u0027s browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may have no immediate chance to notice any wrongdoing. This issue has been patched in versions 0.13.1 and 0.10.3."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T10:44:43.005Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/ipl-web/security/advisories/GHSA-55wf-5m3q-6jjf",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/ipl-web/security/advisories/GHSA-55wf-5m3q-6jjf"
            },
            {
              "name": "https://github.com/Icinga/ipl-web/commit/f387e92504d7a03bb857d1aee9b7410e06dd065d",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/ipl-web/commit/f387e92504d7a03bb857d1aee9b7410e06dd065d"
            },
            {
              "name": "https://github.com/Icinga/ipl-web/releases/tag/v0.10.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/ipl-web/releases/tag/v0.10.3"
            },
            {
              "name": "https://github.com/Icinga/ipl-web/releases/tag/v0.13.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/ipl-web/releases/tag/v0.13.1"
            }
          ],
          "source": {
            "advisory": "GHSA-55wf-5m3q-6jjf",
            "discovery": "UNKNOWN"
          },
          "title": "ipl/web is vulnerable to reflected XSS by malformed search requests"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42224",
        "datePublished": "2026-05-08T22:02:52.231Z",
        "dateReserved": "2026-04-25T05:37:12.116Z",
        "dateUpdated": "2026-06-09T10:44:43.005Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24414 (GCVE-0-2026-24414)

    Vulnerability from nvd – Published: 2026-01-29 17:35 – Updated: 2026-01-29 21:17
    VLAI
    Title
    Icinga for Windows certificate can have too-open permissions
    Summary
    The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows `certificate` directory grant every user read access, which results in the exposure of private key of the Icinga certificate for the given host. All installations are affected. Versions 1.13.4, 1.12.4, and 1.11.2 contains a patch. Please note that upgrading to a fixed version of Icinga for Windows will also automatically fix a similar issue present in Icinga 2, CVE-2026-24413. As a workaround, the permissions can be restricted manually by updating the ACL for the given folder `C:\Program Files\WindowsPowerShell\modules\icinga-powershell-framework\certificate` (and `C:\ProgramData\icinga2\var` to fix the issue for the Icinga 2 agent as well) including every sub-folder and item to restrict access for general users, only allowing the Icinga service user and administrators access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icinga-powershell-framework Affected: < 1.11.2
    Affected: >= 1.12.0, < 1.12.4
    Affected: >= 1.13.0, < 1.13.4
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24414",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T21:17:00.639401Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T21:17:16.794Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga-powershell-framework",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.11.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.12.0, \u003c 1.12.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.13.0, \u003c 1.13.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows `certificate` directory grant every user read access, which results in the exposure of private key of the Icinga certificate for the given host. All installations are affected. Versions 1.13.4, 1.12.4, and 1.11.2 contains a patch. Please note that upgrading to a fixed version of Icinga for Windows will also automatically fix a similar issue present in Icinga 2, CVE-2026-24413. As a workaround, the permissions can be restricted manually by updating the ACL for the given folder `C:\\Program Files\\WindowsPowerShell\\modules\\icinga-powershell-framework\\certificate` (and `C:\\ProgramData\\icinga2\\var` to fix the issue for the Icinga 2 agent as well) including every sub-folder and item to restrict access for general users, only allowing the Icinga service user and administrators access."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276: Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-29T17:35:43.323Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga-powershell-framework/security/advisories/GHSA-88h5-rrm6-5973",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga-powershell-framework/security/advisories/GHSA-88h5-rrm6-5973"
            },
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-vfjg-6fpv-4mmr",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-vfjg-6fpv-4mmr"
            },
            {
              "name": "https://icinga.com/blog/releasing-icinga-2-v2-15-2-v2-14-8-v2-13-14-and-icinga-for-windows-v1-13-4-v1-12-4-v1-11-2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://icinga.com/blog/releasing-icinga-2-v2-15-2-v2-14-8-v2-13-14-and-icinga-for-windows-v1-13-4-v1-12-4-v1-11-2"
            }
          ],
          "source": {
            "advisory": "GHSA-88h5-rrm6-5973",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga for Windows certificate can have too-open permissions"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-24414",
        "datePublished": "2026-01-29T17:35:43.323Z",
        "dateReserved": "2026-01-22T18:19:49.174Z",
        "dateUpdated": "2026-01-29T21:17:16.794Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24413 (GCVE-0-2026-24413)

    Vulnerability from nvd – Published: 2026-01-29 17:21 – Updated: 2026-01-29 21:23
    VLAI
    Title
    Icinga has insecure permission of %ProgramData%\icinga2\var on Windows
    Summary
    Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the `%ProgramData%\icinga2\var` folder on Windows. This resulted in the its contents - including the private key of the user and synced configuration - being readable by all local users. All installations on Windows are affected. Versions 2.13.14, 2.14.8, and 2.15.2 contains a fix. There are two possibilities to work around the issue without upgrading Icinga 2. Upgrade Icinga for Windows to at least version v1.13.4, v1.12.4, or v1.11.2. These version will automatically fix the ACLs for the Icinga 2 agent as well. Alternatively, manually update the ACL for the given folder `C:\ProgramData\icinga2\var` (and `C:\Program Files\WindowsPowerShell\modules\icinga-powershell-framework\certificate` to fix the issue for the Icinga for Windows as well) including every sub-folder and item to restrict access for general users, only allowing the Icinga service user and administrators access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icinga2 Affected: >= 2.3.0, < 2.13.14
    Affected: >= 2.14.0, < 2.14.8
    Affected: >= 2.15.0, < 2.15.2
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24413",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T21:23:06.715208Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T21:23:20.671Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.3.0, \u003c 2.13.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.14.0, \u003c 2.14.8"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.15.0, \u003c 2.15.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the `%ProgramData%\\icinga2\\var` folder on Windows. This resulted in the its contents - including the private key of the user and synced configuration - being readable by all local users. All installations on Windows are affected. Versions 2.13.14, 2.14.8, and 2.15.2 contains a fix. There are two possibilities to work around the issue without upgrading Icinga 2. Upgrade Icinga for Windows to at least version v1.13.4, v1.12.4, or v1.11.2. These version will automatically fix the ACLs for the Icinga 2 agent as well. Alternatively, manually update the ACL for the given folder `C:\\ProgramData\\icinga2\\var` (and `C:\\Program Files\\WindowsPowerShell\\modules\\icinga-powershell-framework\\certificate` to fix the issue for the Icinga for Windows as well) including every sub-folder and item to restrict access for general users, only allowing the Icinga service user and administrators access."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276: Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-29T17:21:01.438Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-vfjg-6fpv-4mmr",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-vfjg-6fpv-4mmr"
            },
            {
              "name": "https://github.com/Icinga/icinga-powershell-framework/security/advisories/GHSA-88h5-rrm6-5973",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga-powershell-framework/security/advisories/GHSA-88h5-rrm6-5973"
            },
            {
              "name": "https://icinga.com/blog/releasing-icinga-2-v2-15-2-v2-14-8-v2-13-14-and-icinga-for-windows-v1-13-4-v1-12-4-v1-11-2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://icinga.com/blog/releasing-icinga-2-v2-15-2-v2-14-8-v2-13-14-and-icinga-for-windows-v1-13-4-v1-12-4-v1-11-2"
            }
          ],
          "source": {
            "advisory": "GHSA-vfjg-6fpv-4mmr",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga has insecure permission of %ProgramData%\\icinga2\\var on Windows"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-24413",
        "datePublished": "2026-01-29T17:21:01.438Z",
        "dateReserved": "2026-01-22T18:19:49.174Z",
        "dateUpdated": "2026-01-29T21:23:20.671Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-61909 (GCVE-0-2025-61909)

    Vulnerability from nvd – Published: 2025-10-16 17:20 – Updated: 2025-10-16 19:23
    VLAI
    Title
    Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user
    Summary
    Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script (also used during systemctl reload icinga2) and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user, but send the signal as the root user. This can allow the Icinga user to send signals to processes it would otherwise not permitted to. A fix is included in the following Icinga 2 versions: 2.15.1, 2.14.7, and 2.13.13.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icinga2 Affected: >=2.10.0, < 2.13.13
    Affected: >=2.14.0, < 2.14.7
    Affected: >=2.15.0, < 2.15.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61909",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-16T18:28:59.888518Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-16T19:23:18.312Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e=2.10.0, \u003c 2.13.13"
                },
                {
                  "status": "affected",
                  "version": "\u003e=2.14.0, \u003c 2.14.7"
                },
                {
                  "status": "affected",
                  "version": "\u003e=2.15.0, \u003c 2.15.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script (also used during systemctl reload icinga2) and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user, but send the signal as the root user. This can allow the Icinga user to send signals to processes it would otherwise not permitted to. A fix is included in the following Icinga 2 versions: 2.15.1, 2.14.7, and 2.13.13."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "CWE-250: Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-16T17:20:14.705Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-pg6g-g99v-mw46",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-pg6g-g99v-mw46"
            },
            {
              "name": "https://github.com/Icinga/icinga2/issues/10527",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/issues/10527"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/51ec73cbd922a76fc0f60e1d8d33acd7caa5d587",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/51ec73cbd922a76fc0f60e1d8d33acd7caa5d587"
            },
            {
              "name": "https://icinga.com/blog/releasing-icinga-2-v2-15-1-2-14-7-and-2-13-13-and-icinga-db-web-v1-2-3-and-1-1-4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://icinga.com/blog/releasing-icinga-2-v2-15-1-2-14-7-and-2-13-13-and-icinga-db-web-v1-2-3-and-1-1-4"
            }
          ],
          "source": {
            "advisory": "GHSA-pg6g-g99v-mw46",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-61909",
        "datePublished": "2025-10-16T17:20:14.705Z",
        "dateReserved": "2025-10-03T22:21:59.614Z",
        "dateUpdated": "2025-10-16T19:23:18.312Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61908 (GCVE-0-2025-61908)

    Vulnerability from nvd – Published: 2025-10-16 17:16 – Updated: 2025-10-16 19:23
    VLAI
    Title
    Icinga 2 Denial of Service (DoS) By Dereferencing Invalid Reference
    Summary
    Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a filter expression to crash the Icinga 2 daemon. A fix is included in the following Icinga 2 versions: 2.15.1, 2.14.7, and 2.13.13.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icinga2 Affected: >=2.10.0, < 2.13.13
    Affected: >=2.14.0, < 2.14.7
    Affected: >=2.15.0, < 2.15.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61908",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-16T18:29:26.855938Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-16T19:23:24.141Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e=2.10.0, \u003c 2.13.13"
                },
                {
                  "status": "affected",
                  "version": "\u003e=2.14.0, \u003c 2.14.7"
                },
                {
                  "status": "affected",
                  "version": "\u003e=2.15.0, \u003c 2.15.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a filter expression to crash the Icinga 2 daemon. A fix is included in the following Icinga 2 versions: 2.15.1, 2.14.7, and 2.13.13."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-16T17:16:58.165Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-v9jg-xqhj-f43g",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-v9jg-xqhj-f43g"
            },
            {
              "name": "https://github.com/Icinga/icinga2/pull/6521",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/pull/6521"
            },
            {
              "name": "https://icinga.com/blog/releasing-icinga-2-v2-15-1-2-14-7-and-2-13-13-and-icinga-db-web-v1-2-3-and-1-1-4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://icinga.com/blog/releasing-icinga-2-v2-15-1-2-14-7-and-2-13-13-and-icinga-db-web-v1-2-3-and-1-1-4"
            }
          ],
          "source": {
            "advisory": "GHSA-v9jg-xqhj-f43g",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga 2 Denial of Service (DoS) By Dereferencing Invalid Reference"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-61908",
        "datePublished": "2025-10-16T17:16:58.165Z",
        "dateReserved": "2025-10-03T22:21:59.613Z",
        "dateUpdated": "2025-10-16T19:23:24.141Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61907 (GCVE-0-2025-61907)

    Vulnerability from nvd – Published: 2025-10-16 17:11 – Updated: 2025-10-16 19:23
    VLAI
    Title
    Icinga 2 API users could access restricted values in filter expressions
    Summary
    Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information that should be hidden from them, including global variables not permitted by the variables permission and objects not permitted by the corresponding objects/query permissions. The vulnerability is fixed in versions 2.15.1, 2.14.7, and 2.13.13.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    • CWE-204 - Observable Response Discrepancy
    • CWE-749 - Exposed Dangerous Method or Function
    Assigner
    References
    Impacted products
    Vendor Product Version
    Icinga icinga2 Affected: >= 2.15.0, < 2.15.1
    Affected: >= 2.14.0, < 2.14.7
    Affected: >= 2.4.0, < 2.13.13
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61907",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-16T18:29:45.437033Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-16T19:23:30.055Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.15.0, \u003c 2.15.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.14.0, \u003c 2.14.7"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.4.0, \u003c 2.13.13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information that should be hidden from them, including global variables not permitted by the variables permission and objects not permitted by the corresponding objects/query permissions. The vulnerability is fixed in versions 2.15.1, 2.14.7, and 2.13.13."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-204",
                  "description": "CWE-204: Observable Response Discrepancy",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-749",
                  "description": "CWE-749: Exposed Dangerous Method or Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-16T17:11:59.338Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-gg32-w9rm-vp2v",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-gg32-w9rm-vp2v"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/56255ac7a689b9e198742d2fca6f7459a54c85a3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/56255ac7a689b9e198742d2fca6f7459a54c85a3"
            }
          ],
          "source": {
            "advisory": "GHSA-gg32-w9rm-vp2v",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga 2 API users could access restricted values in filter expressions"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-61907",
        "datePublished": "2025-10-16T17:11:59.338Z",
        "dateReserved": "2025-10-03T22:21:59.613Z",
        "dateUpdated": "2025-10-16T19:23:30.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61789 (GCVE-0-2025-61789)

    Vulnerability from nvd – Published: 2025-10-16 17:00 – Updated: 2025-10-16 18:03
    VLAI
    Title
    Icinga DB Web hidden/protected custom variables are prone to filter enumeration
    Summary
    Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values assigned to it. Versions 1.1.4 and 1.2.3 respond with an error if such a custom variable is used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-204 - Observable Response Discrepancy
    Assigner
    References
    Impacted products
    Vendor Product Version
    Icinga icingadb-web Affected: < 1.1.4
    Affected: >= 1.2.0, < 1.2.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61789",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-16T18:03:04.157632Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-16T18:03:11.988Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingadb-web",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.1.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.2.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values assigned to it. Versions 1.1.4 and 1.2.3 respond with an error if such a custom variable is used."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-204",
                  "description": "CWE-204: Observable Response Discrepancy",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-16T17:00:32.247Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingadb-web/security/advisories/GHSA-w57j-28jc-8429",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingadb-web/security/advisories/GHSA-w57j-28jc-8429"
            },
            {
              "name": "https://github.com/Icinga/icingadb-web/commit/5e982dad40ec379075307ab1693580138e675b18",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingadb-web/commit/5e982dad40ec379075307ab1693580138e675b18"
            }
          ],
          "source": {
            "advisory": "GHSA-w57j-28jc-8429",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga DB Web hidden/protected custom variables are prone to filter enumeration"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-61789",
        "datePublished": "2025-10-16T17:00:32.247Z",
        "dateReserved": "2025-09-30T19:43:49.903Z",
        "dateUpdated": "2025-10-16T18:03:11.988Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-53840 (GCVE-0-2025-53840)

    Vulnerability from nvd – Published: 2025-07-16 13:34 – Updated: 2025-07-18 14:56
    VLAI
    Title
    Icinga DB Web Exposure of Sensitive Information to an Unauthorized Actor vulnerability
    Summary
    Icinga DB Web provides a graphical interface for Icinga monitoring. Starting in version 1.2.0 and prior to version 1.2.2, users with access to Icinga Dependency Views, are allowed to see hosts and services that they weren't meant to on the dependency map. However, the name of an object will not be revealed nor does this grant access to a host's or service's detail view. Please note that this only affects the restrictions `filter/hosts` and `filter/services`. `filter/objects` is not affected by this and restricts objects as it is supposed to. Version 1.2.2 applies these restrictions properly. As a workaround, one may downgrade to version 1.1.3.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Impacted products
    Vendor Product Version
    Icinga icingadb-web Affected: >= 1.2.0, < 1.2.2
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-53840",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-18T14:55:55.415220Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-18T14:56:03.369Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingadb-web",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.2.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga DB Web provides a graphical interface for Icinga monitoring. Starting in version 1.2.0 and prior to version 1.2.2, users with access to Icinga Dependency Views, are allowed to see hosts and services that they weren\u0027t meant to on the dependency map. However, the name of an object will not be revealed nor does this grant access to a host\u0027s or service\u0027s detail view. Please note that this only affects the restrictions `filter/hosts` and `filter/services`. `filter/objects` is not affected by this and restricts objects as it is supposed to. Version 1.2.2 applies these restrictions properly. As a workaround, one may downgrade to version 1.1.3."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-16T13:34:37.477Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingadb-web/security/advisories/GHSA-q2w7-mrx8-5473",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingadb-web/security/advisories/GHSA-q2w7-mrx8-5473"
            },
            {
              "name": "https://github.com/Icinga/icingadb-web/releases/tag/v1.2.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingadb-web/releases/tag/v1.2.2"
            }
          ],
          "source": {
            "advisory": "GHSA-q2w7-mrx8-5473",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga DB Web Exposure of Sensitive Information to an Unauthorized Actor vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-53840",
        "datePublished": "2025-07-16T13:34:37.477Z",
        "dateReserved": "2025-07-09T14:14:52.532Z",
        "dateUpdated": "2025-07-18T14:56:03.369Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-48057 (GCVE-0-2025-48057)

    Vulnerability from nvd – Published: 2025-05-27 16:32 – Updated: 2025-05-27 18:27
    VLAI
    Title
    Icinga 2 certificate renewal might incorrectly renew an invalid certificate
    Summary
    Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-296 - Improper Following of a Certificate's Chain of Trust
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icinga2 Affected: >= 2.14.0, < 2.14.6
    Affected: >= 2.13.0, < 2.13.12
    Affected: < 2.12.12
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-48057",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-27T18:20:40.298192Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-27T18:27:57.002Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.14.0, \u003c 2.14.6"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.13.0, \u003c 2.13.12"
                },
                {
                  "status": "affected",
                  "version": "\u003c 2.12.12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-296",
                  "description": "CWE-296: Improper Following of a Certificate\u0027s Chain of Trust",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-27T16:32:29.931Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d"
            }
          ],
          "source": {
            "advisory": "GHSA-7vcf-f5v9-3wr6",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga 2 certificate renewal might incorrectly renew an invalid certificate"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-48057",
        "datePublished": "2025-05-27T16:32:29.931Z",
        "dateReserved": "2025-05-15T16:06:40.940Z",
        "dateUpdated": "2025-05-27T18:27:57.002Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-30164 (GCVE-0-2025-30164)

    Vulnerability from nvd – Published: 2025-03-26 16:13 – Updated: 2025-05-12 15:41
    VLAI
    Title
    Icinga Web 2 has open redirect on login page
    Summary
    Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an attacker to craft a URL that, once visited by an authenticated user (or one that is able to authenticate), allows to manipulate the backend to redirect the user to any location. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. No known workarounds are available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icingaweb2 Affected: < 2.11.5
    Affected: >= 2.12.0, < 2.12.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-30164",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T17:11:13.990106Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-12T15:41:08.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.11.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.12.0, \u003c 2.12.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an attacker to craft a URL that, once visited by an authenticated user (or one that is able to authenticate), allows to manipulate the backend to redirect the user to any location. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. No known workarounds are available."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-601",
                  "description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T16:13:26.590Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-8r73-6686-wv8q",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-8r73-6686-wv8q"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3"
            }
          ],
          "source": {
            "advisory": "GHSA-8r73-6686-wv8q",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga Web 2 has open redirect on login page"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-30164",
        "datePublished": "2025-03-26T16:13:26.590Z",
        "dateReserved": "2025-03-17T12:41:42.567Z",
        "dateUpdated": "2025-05-12T15:41:08.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-27609 (GCVE-0-2025-27609)

    Vulnerability from nvd – Published: 2025-03-26 16:10 – Updated: 2025-03-26 18:05
    VLAI
    Title
    Icinga Web 2 Vulnerable to Reflected XSS
    Summary
    Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a request that, once transmitted to a victim's Icinga Web, allows to embed arbitrary Javascript into it and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings. Any modern browser with a working CORS implementation also sufficiently guards against the vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icingaweb2 Affected: < 2.11.5
    Affected: >= 2.12.0, < 2.12.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-27609",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T17:11:55.741138Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T18:05:36.741Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.11.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.12.0, \u003c 2.12.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a request that, once transmitted to a victim\u0027s Icinga Web, allows to embed arbitrary Javascript into it and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings. Any modern browser with a working CORS implementation also sufficiently guards against the vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 1.1,
                "baseSeverity": "LOW",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T16:10:19.223Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-5cjw-fwjc-8j38",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-5cjw-fwjc-8j38"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3"
            }
          ],
          "source": {
            "advisory": "GHSA-5cjw-fwjc-8j38",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga Web 2 Vulnerable to Reflected XSS"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-27609",
        "datePublished": "2025-03-26T16:10:19.223Z",
        "dateReserved": "2025-03-03T15:10:34.079Z",
        "dateUpdated": "2025-03-26T18:05:36.741Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-27406 (GCVE-0-2025-27406)

    Vulnerability from nvd – Published: 2025-03-26 15:49 – Updated: 2025-03-26 16:15
    VLAI
    Title
    Icinga Reporting Stored XSS leads to SSRF
    Summary
    Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows to set up a template that allows to embed arbitrary Javascript. This enables the attacker to act on behalf of the user, if the template is being previewed; and act on behalf of the headless browser, if a report using the template is printed to PDF. This issue has been resolved in version 1.0.3 of Icinga Reporting. As a workaround, review all templates and remove suspicious settings.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Icinga icingaweb2-module-reporting Affected: >= 0.10.0, < 1.0.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-27406",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T16:15:15.393303Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T16:15:22.593Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2-module-reporting",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.10.0, \u003c 1.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows to set up a template that allows to embed arbitrary Javascript. This enables the attacker to act on behalf of the user, if the template is being previewed; and act on behalf of the headless browser, if a report using the template is printed to PDF. This issue has been resolved in version 1.0.3 of Icinga Reporting. As a workaround, review all templates and remove suspicious settings."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918: Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T15:49:45.273Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2-module-reporting/security/advisories/GHSA-7qvq-54vm-r7hx",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-reporting/security/advisories/GHSA-7qvq-54vm-r7hx"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2-module-reporting/releases/tag/v1.0.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-reporting/releases/tag/v1.0.3"
            }
          ],
          "source": {
            "advisory": "GHSA-7qvq-54vm-r7hx",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga Reporting Stored XSS leads to SSRF"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-27406",
        "datePublished": "2025-03-26T15:49:45.273Z",
        "dateReserved": "2025-02-24T15:51:17.267Z",
        "dateUpdated": "2025-03-26T16:15:22.593Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-27405 (GCVE-0-2025-27405)

    Vulnerability from nvd – Published: 2025-03-26 15:10 – Updated: 2025-03-26 15:57
    VLAI
    Title
    Icinga Web 2 has XSS in embedded content
    Summary
    Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icingaweb2 Affected: < 2.11.5
    Affected: >= 2.12.0, < 2.12.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-27405",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T15:32:25.389310Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T15:57:52.238Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.11.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.12.0, \u003c 2.12.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T15:10:10.288Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-3x37-fjc3-ch8w",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-3x37-fjc3-ch8w"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3"
            }
          ],
          "source": {
            "advisory": "GHSA-3x37-fjc3-ch8w",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga Web 2 has XSS in embedded content"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-27405",
        "datePublished": "2025-03-26T15:10:10.288Z",
        "dateReserved": "2025-02-24T15:51:17.267Z",
        "dateUpdated": "2025-03-26T15:57:52.238Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-27404 (GCVE-0-2025-27404)

    Vulnerability from nvd – Published: 2025-03-26 14:21 – Updated: 2025-03-26 15:10
    VLAI
    Title
    Icinga Web 2 DOM-based XSS vulnerability
    Summary
    Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icingaweb2 Affected: < 2.11.5
    Affected: >= 2.12.0, < 2.12.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-27404",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T14:53:16.085511Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T14:53:31.777Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.11.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.12.0, \u003c 2.12.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T15:10:01.679Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-c6pg-h955-wf66",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-c6pg-h955-wf66"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3"
            }
          ],
          "source": {
            "advisory": "GHSA-c6pg-h955-wf66",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga Web 2 DOM-based XSS vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-27404",
        "datePublished": "2025-03-26T14:21:05.363Z",
        "dateReserved": "2025-02-24T15:51:17.267Z",
        "dateUpdated": "2025-03-26T15:10:01.679Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-23203 (GCVE-0-2025-23203)

    Vulnerability from nvd – Published: 2025-03-26 13:44 – Updated: 2026-01-20 19:13
    VLAI
    Title
    Icinga has rest API endpoints accessible to restricted users
    Summary
    Icinga Director is an Icinga config deployment tool. A Security vulnerability has been found starting in version 1.0.0 and prior to 1.10.4 and 1.11.4 on several director endpoints of REST API. To reproduce this vulnerability an authenticated user with permission to access the Director is required (plus api access with regard to the api endpoints). And even though some of these Icinga Director users are restricted from accessing certain objects, are able to retrieve information related to them if their name is known. This makes it possible to change the configuration of these objects by those Icinga Director users restricted from accessing them. This results in further exploitation, data breaches and sensitive information disclosure. Affected endpoints include icingaweb2/director/service, if the host name is left out of the query; icingaweb2/directore/notification; icingaweb2/director/serviceset; and icingaweb2/director/scheduled-downtime. In addition, the endpoint `icingaweb2/director/services?host=filteredHostName` returns a status code 200 even though the services for the host is filtered. This in turn lets the restricted user know that the host `filteredHostName` exists even though the user is restricted from accessing it. This could again result in further exploitation of this information and data breaches. Icinga Director has patches in versions 1.10.4 and 1.11.4. If upgrading is not feasible, disable the director module for the users other than admin role for the time being.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icingaweb2-module-director Affected: >= 1.0.0, < 1.10.4
    Affected: >= 1.11.0, < 1.11.4
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-23203",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T14:07:51.611117Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-02T16:02:38.737Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2-module-director",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.10.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.11.0, \u003c 1.11.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Director is an Icinga config deployment tool. A Security vulnerability has been found starting in version 1.0.0 and prior to 1.10.4 and 1.11.4 on several director endpoints of REST API. To reproduce this vulnerability an authenticated user with permission to access the Director is required (plus api access with regard to the api endpoints). And even though some of these Icinga Director users are restricted from accessing certain objects, are able to retrieve information related to them if their name is known. This makes it possible to change the configuration of these objects by those Icinga Director users restricted from accessing them. This results in further exploitation, data breaches and sensitive information disclosure. Affected endpoints include icingaweb2/director/service, if the host name is left out of the query; icingaweb2/directore/notification; icingaweb2/director/serviceset; and icingaweb2/director/scheduled-downtime. In addition, the endpoint `icingaweb2/director/services?host=filteredHostName` returns a status code 200 even though the services for the host is filtered. This in turn lets the restricted user know that the host `filteredHostName` exists even though the user is restricted from accessing it.  This could again result in further exploitation of this information and data breaches. Icinga Director has patches in versions 1.10.4 and 1.11.4. If upgrading is not feasible, disable the director module for the users other than admin role for the time being."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284: Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-20T19:13:43.844Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3233-ggc5-m3qg",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3233-ggc5-m3qg"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2-module-director/commit/3fcb20178ff1722329bf8689795e6cc8e53a9978",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-director/commit/3fcb20178ff1722329bf8689795e6cc8e53a9978"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2-module-director/commit/8d9ecf3b0a852aa2a756c518ef4f29db9ca0f9ee",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-director/commit/8d9ecf3b0a852aa2a756c518ef4f29db9ca0f9ee"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2-module-director/releases/tag/v1.10.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-director/releases/tag/v1.10.4"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2-module-director/releases/tag/v1.11.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-director/releases/tag/v1.11.4"
            }
          ],
          "source": {
            "advisory": "GHSA-3233-ggc5-m3qg",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga has rest API endpoints accessible to restricted users"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-23203",
        "datePublished": "2025-03-26T13:44:58.110Z",
        "dateReserved": "2025-01-13T17:15:41.050Z",
        "dateUpdated": "2026-01-20T19:13:43.844Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42224 (GCVE-0-2026-42224)

    Vulnerability from cvelistv5 – Published: 2026-05-08 22:02 – Updated: 2026-06-09 10:44
    VLAI
    Title
    ipl/web is vulnerable to reflected XSS by malformed search requests
    Summary
    ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may have no immediate chance to notice any wrongdoing. This issue has been patched in versions 0.13.1 and 0.10.3.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Icinga ipl-web Affected: >= 0.11.0, < 0.13.1
    Affected: < 0.10.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42224",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-11T15:58:24.417193Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-11T15:58:31.300Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ipl-web",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.11.0, \u003c 0.13.1"
                },
                {
                  "status": "affected",
                  "version": "\u003c 0.10.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim\u0027s browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may have no immediate chance to notice any wrongdoing. This issue has been patched in versions 0.13.1 and 0.10.3."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T10:44:43.005Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/ipl-web/security/advisories/GHSA-55wf-5m3q-6jjf",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/ipl-web/security/advisories/GHSA-55wf-5m3q-6jjf"
            },
            {
              "name": "https://github.com/Icinga/ipl-web/commit/f387e92504d7a03bb857d1aee9b7410e06dd065d",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/ipl-web/commit/f387e92504d7a03bb857d1aee9b7410e06dd065d"
            },
            {
              "name": "https://github.com/Icinga/ipl-web/releases/tag/v0.10.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/ipl-web/releases/tag/v0.10.3"
            },
            {
              "name": "https://github.com/Icinga/ipl-web/releases/tag/v0.13.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/ipl-web/releases/tag/v0.13.1"
            }
          ],
          "source": {
            "advisory": "GHSA-55wf-5m3q-6jjf",
            "discovery": "UNKNOWN"
          },
          "title": "ipl/web is vulnerable to reflected XSS by malformed search requests"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42224",
        "datePublished": "2026-05-08T22:02:52.231Z",
        "dateReserved": "2026-04-25T05:37:12.116Z",
        "dateUpdated": "2026-06-09T10:44:43.005Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24414 (GCVE-0-2026-24414)

    Vulnerability from cvelistv5 – Published: 2026-01-29 17:35 – Updated: 2026-01-29 21:17
    VLAI
    Title
    Icinga for Windows certificate can have too-open permissions
    Summary
    The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows `certificate` directory grant every user read access, which results in the exposure of private key of the Icinga certificate for the given host. All installations are affected. Versions 1.13.4, 1.12.4, and 1.11.2 contains a patch. Please note that upgrading to a fixed version of Icinga for Windows will also automatically fix a similar issue present in Icinga 2, CVE-2026-24413. As a workaround, the permissions can be restricted manually by updating the ACL for the given folder `C:\Program Files\WindowsPowerShell\modules\icinga-powershell-framework\certificate` (and `C:\ProgramData\icinga2\var` to fix the issue for the Icinga 2 agent as well) including every sub-folder and item to restrict access for general users, only allowing the Icinga service user and administrators access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icinga-powershell-framework Affected: < 1.11.2
    Affected: >= 1.12.0, < 1.12.4
    Affected: >= 1.13.0, < 1.13.4
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24414",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T21:17:00.639401Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T21:17:16.794Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga-powershell-framework",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.11.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.12.0, \u003c 1.12.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.13.0, \u003c 1.13.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows `certificate` directory grant every user read access, which results in the exposure of private key of the Icinga certificate for the given host. All installations are affected. Versions 1.13.4, 1.12.4, and 1.11.2 contains a patch. Please note that upgrading to a fixed version of Icinga for Windows will also automatically fix a similar issue present in Icinga 2, CVE-2026-24413. As a workaround, the permissions can be restricted manually by updating the ACL for the given folder `C:\\Program Files\\WindowsPowerShell\\modules\\icinga-powershell-framework\\certificate` (and `C:\\ProgramData\\icinga2\\var` to fix the issue for the Icinga 2 agent as well) including every sub-folder and item to restrict access for general users, only allowing the Icinga service user and administrators access."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276: Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-29T17:35:43.323Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga-powershell-framework/security/advisories/GHSA-88h5-rrm6-5973",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga-powershell-framework/security/advisories/GHSA-88h5-rrm6-5973"
            },
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-vfjg-6fpv-4mmr",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-vfjg-6fpv-4mmr"
            },
            {
              "name": "https://icinga.com/blog/releasing-icinga-2-v2-15-2-v2-14-8-v2-13-14-and-icinga-for-windows-v1-13-4-v1-12-4-v1-11-2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://icinga.com/blog/releasing-icinga-2-v2-15-2-v2-14-8-v2-13-14-and-icinga-for-windows-v1-13-4-v1-12-4-v1-11-2"
            }
          ],
          "source": {
            "advisory": "GHSA-88h5-rrm6-5973",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga for Windows certificate can have too-open permissions"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-24414",
        "datePublished": "2026-01-29T17:35:43.323Z",
        "dateReserved": "2026-01-22T18:19:49.174Z",
        "dateUpdated": "2026-01-29T21:17:16.794Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24413 (GCVE-0-2026-24413)

    Vulnerability from cvelistv5 – Published: 2026-01-29 17:21 – Updated: 2026-01-29 21:23
    VLAI
    Title
    Icinga has insecure permission of %ProgramData%\icinga2\var on Windows
    Summary
    Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the `%ProgramData%\icinga2\var` folder on Windows. This resulted in the its contents - including the private key of the user and synced configuration - being readable by all local users. All installations on Windows are affected. Versions 2.13.14, 2.14.8, and 2.15.2 contains a fix. There are two possibilities to work around the issue without upgrading Icinga 2. Upgrade Icinga for Windows to at least version v1.13.4, v1.12.4, or v1.11.2. These version will automatically fix the ACLs for the Icinga 2 agent as well. Alternatively, manually update the ACL for the given folder `C:\ProgramData\icinga2\var` (and `C:\Program Files\WindowsPowerShell\modules\icinga-powershell-framework\certificate` to fix the issue for the Icinga for Windows as well) including every sub-folder and item to restrict access for general users, only allowing the Icinga service user and administrators access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icinga2 Affected: >= 2.3.0, < 2.13.14
    Affected: >= 2.14.0, < 2.14.8
    Affected: >= 2.15.0, < 2.15.2
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24413",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T21:23:06.715208Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T21:23:20.671Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.3.0, \u003c 2.13.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.14.0, \u003c 2.14.8"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.15.0, \u003c 2.15.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the `%ProgramData%\\icinga2\\var` folder on Windows. This resulted in the its contents - including the private key of the user and synced configuration - being readable by all local users. All installations on Windows are affected. Versions 2.13.14, 2.14.8, and 2.15.2 contains a fix. There are two possibilities to work around the issue without upgrading Icinga 2. Upgrade Icinga for Windows to at least version v1.13.4, v1.12.4, or v1.11.2. These version will automatically fix the ACLs for the Icinga 2 agent as well. Alternatively, manually update the ACL for the given folder `C:\\ProgramData\\icinga2\\var` (and `C:\\Program Files\\WindowsPowerShell\\modules\\icinga-powershell-framework\\certificate` to fix the issue for the Icinga for Windows as well) including every sub-folder and item to restrict access for general users, only allowing the Icinga service user and administrators access."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276: Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-29T17:21:01.438Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-vfjg-6fpv-4mmr",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-vfjg-6fpv-4mmr"
            },
            {
              "name": "https://github.com/Icinga/icinga-powershell-framework/security/advisories/GHSA-88h5-rrm6-5973",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga-powershell-framework/security/advisories/GHSA-88h5-rrm6-5973"
            },
            {
              "name": "https://icinga.com/blog/releasing-icinga-2-v2-15-2-v2-14-8-v2-13-14-and-icinga-for-windows-v1-13-4-v1-12-4-v1-11-2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://icinga.com/blog/releasing-icinga-2-v2-15-2-v2-14-8-v2-13-14-and-icinga-for-windows-v1-13-4-v1-12-4-v1-11-2"
            }
          ],
          "source": {
            "advisory": "GHSA-vfjg-6fpv-4mmr",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga has insecure permission of %ProgramData%\\icinga2\\var on Windows"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-24413",
        "datePublished": "2026-01-29T17:21:01.438Z",
        "dateReserved": "2026-01-22T18:19:49.174Z",
        "dateUpdated": "2026-01-29T21:23:20.671Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-61909 (GCVE-0-2025-61909)

    Vulnerability from cvelistv5 – Published: 2025-10-16 17:20 – Updated: 2025-10-16 19:23
    VLAI
    Title
    Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user
    Summary
    Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script (also used during systemctl reload icinga2) and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user, but send the signal as the root user. This can allow the Icinga user to send signals to processes it would otherwise not permitted to. A fix is included in the following Icinga 2 versions: 2.15.1, 2.14.7, and 2.13.13.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icinga2 Affected: >=2.10.0, < 2.13.13
    Affected: >=2.14.0, < 2.14.7
    Affected: >=2.15.0, < 2.15.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61909",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-16T18:28:59.888518Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-16T19:23:18.312Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e=2.10.0, \u003c 2.13.13"
                },
                {
                  "status": "affected",
                  "version": "\u003e=2.14.0, \u003c 2.14.7"
                },
                {
                  "status": "affected",
                  "version": "\u003e=2.15.0, \u003c 2.15.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script (also used during systemctl reload icinga2) and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user, but send the signal as the root user. This can allow the Icinga user to send signals to processes it would otherwise not permitted to. A fix is included in the following Icinga 2 versions: 2.15.1, 2.14.7, and 2.13.13."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "CWE-250: Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-16T17:20:14.705Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-pg6g-g99v-mw46",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-pg6g-g99v-mw46"
            },
            {
              "name": "https://github.com/Icinga/icinga2/issues/10527",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/issues/10527"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/51ec73cbd922a76fc0f60e1d8d33acd7caa5d587",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/51ec73cbd922a76fc0f60e1d8d33acd7caa5d587"
            },
            {
              "name": "https://icinga.com/blog/releasing-icinga-2-v2-15-1-2-14-7-and-2-13-13-and-icinga-db-web-v1-2-3-and-1-1-4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://icinga.com/blog/releasing-icinga-2-v2-15-1-2-14-7-and-2-13-13-and-icinga-db-web-v1-2-3-and-1-1-4"
            }
          ],
          "source": {
            "advisory": "GHSA-pg6g-g99v-mw46",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-61909",
        "datePublished": "2025-10-16T17:20:14.705Z",
        "dateReserved": "2025-10-03T22:21:59.614Z",
        "dateUpdated": "2025-10-16T19:23:18.312Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61908 (GCVE-0-2025-61908)

    Vulnerability from cvelistv5 – Published: 2025-10-16 17:16 – Updated: 2025-10-16 19:23
    VLAI
    Title
    Icinga 2 Denial of Service (DoS) By Dereferencing Invalid Reference
    Summary
    Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a filter expression to crash the Icinga 2 daemon. A fix is included in the following Icinga 2 versions: 2.15.1, 2.14.7, and 2.13.13.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icinga2 Affected: >=2.10.0, < 2.13.13
    Affected: >=2.14.0, < 2.14.7
    Affected: >=2.15.0, < 2.15.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61908",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-16T18:29:26.855938Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-16T19:23:24.141Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e=2.10.0, \u003c 2.13.13"
                },
                {
                  "status": "affected",
                  "version": "\u003e=2.14.0, \u003c 2.14.7"
                },
                {
                  "status": "affected",
                  "version": "\u003e=2.15.0, \u003c 2.15.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a filter expression to crash the Icinga 2 daemon. A fix is included in the following Icinga 2 versions: 2.15.1, 2.14.7, and 2.13.13."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-16T17:16:58.165Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-v9jg-xqhj-f43g",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-v9jg-xqhj-f43g"
            },
            {
              "name": "https://github.com/Icinga/icinga2/pull/6521",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/pull/6521"
            },
            {
              "name": "https://icinga.com/blog/releasing-icinga-2-v2-15-1-2-14-7-and-2-13-13-and-icinga-db-web-v1-2-3-and-1-1-4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://icinga.com/blog/releasing-icinga-2-v2-15-1-2-14-7-and-2-13-13-and-icinga-db-web-v1-2-3-and-1-1-4"
            }
          ],
          "source": {
            "advisory": "GHSA-v9jg-xqhj-f43g",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga 2 Denial of Service (DoS) By Dereferencing Invalid Reference"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-61908",
        "datePublished": "2025-10-16T17:16:58.165Z",
        "dateReserved": "2025-10-03T22:21:59.613Z",
        "dateUpdated": "2025-10-16T19:23:24.141Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61907 (GCVE-0-2025-61907)

    Vulnerability from cvelistv5 – Published: 2025-10-16 17:11 – Updated: 2025-10-16 19:23
    VLAI
    Title
    Icinga 2 API users could access restricted values in filter expressions
    Summary
    Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information that should be hidden from them, including global variables not permitted by the variables permission and objects not permitted by the corresponding objects/query permissions. The vulnerability is fixed in versions 2.15.1, 2.14.7, and 2.13.13.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    • CWE-204 - Observable Response Discrepancy
    • CWE-749 - Exposed Dangerous Method or Function
    Assigner
    References
    Impacted products
    Vendor Product Version
    Icinga icinga2 Affected: >= 2.15.0, < 2.15.1
    Affected: >= 2.14.0, < 2.14.7
    Affected: >= 2.4.0, < 2.13.13
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61907",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-16T18:29:45.437033Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-16T19:23:30.055Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.15.0, \u003c 2.15.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.14.0, \u003c 2.14.7"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.4.0, \u003c 2.13.13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information that should be hidden from them, including global variables not permitted by the variables permission and objects not permitted by the corresponding objects/query permissions. The vulnerability is fixed in versions 2.15.1, 2.14.7, and 2.13.13."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-204",
                  "description": "CWE-204: Observable Response Discrepancy",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-749",
                  "description": "CWE-749: Exposed Dangerous Method or Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-16T17:11:59.338Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-gg32-w9rm-vp2v",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-gg32-w9rm-vp2v"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/56255ac7a689b9e198742d2fca6f7459a54c85a3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/56255ac7a689b9e198742d2fca6f7459a54c85a3"
            }
          ],
          "source": {
            "advisory": "GHSA-gg32-w9rm-vp2v",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga 2 API users could access restricted values in filter expressions"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-61907",
        "datePublished": "2025-10-16T17:11:59.338Z",
        "dateReserved": "2025-10-03T22:21:59.613Z",
        "dateUpdated": "2025-10-16T19:23:30.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61789 (GCVE-0-2025-61789)

    Vulnerability from cvelistv5 – Published: 2025-10-16 17:00 – Updated: 2025-10-16 18:03
    VLAI
    Title
    Icinga DB Web hidden/protected custom variables are prone to filter enumeration
    Summary
    Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values assigned to it. Versions 1.1.4 and 1.2.3 respond with an error if such a custom variable is used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-204 - Observable Response Discrepancy
    Assigner
    References
    Impacted products
    Vendor Product Version
    Icinga icingadb-web Affected: < 1.1.4
    Affected: >= 1.2.0, < 1.2.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61789",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-16T18:03:04.157632Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-16T18:03:11.988Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingadb-web",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.1.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.2.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values assigned to it. Versions 1.1.4 and 1.2.3 respond with an error if such a custom variable is used."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-204",
                  "description": "CWE-204: Observable Response Discrepancy",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-16T17:00:32.247Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingadb-web/security/advisories/GHSA-w57j-28jc-8429",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingadb-web/security/advisories/GHSA-w57j-28jc-8429"
            },
            {
              "name": "https://github.com/Icinga/icingadb-web/commit/5e982dad40ec379075307ab1693580138e675b18",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingadb-web/commit/5e982dad40ec379075307ab1693580138e675b18"
            }
          ],
          "source": {
            "advisory": "GHSA-w57j-28jc-8429",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga DB Web hidden/protected custom variables are prone to filter enumeration"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-61789",
        "datePublished": "2025-10-16T17:00:32.247Z",
        "dateReserved": "2025-09-30T19:43:49.903Z",
        "dateUpdated": "2025-10-16T18:03:11.988Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-53840 (GCVE-0-2025-53840)

    Vulnerability from cvelistv5 – Published: 2025-07-16 13:34 – Updated: 2025-07-18 14:56
    VLAI
    Title
    Icinga DB Web Exposure of Sensitive Information to an Unauthorized Actor vulnerability
    Summary
    Icinga DB Web provides a graphical interface for Icinga monitoring. Starting in version 1.2.0 and prior to version 1.2.2, users with access to Icinga Dependency Views, are allowed to see hosts and services that they weren't meant to on the dependency map. However, the name of an object will not be revealed nor does this grant access to a host's or service's detail view. Please note that this only affects the restrictions `filter/hosts` and `filter/services`. `filter/objects` is not affected by this and restricts objects as it is supposed to. Version 1.2.2 applies these restrictions properly. As a workaround, one may downgrade to version 1.1.3.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Impacted products
    Vendor Product Version
    Icinga icingadb-web Affected: >= 1.2.0, < 1.2.2
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-53840",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-18T14:55:55.415220Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-18T14:56:03.369Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingadb-web",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.2.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga DB Web provides a graphical interface for Icinga monitoring. Starting in version 1.2.0 and prior to version 1.2.2, users with access to Icinga Dependency Views, are allowed to see hosts and services that they weren\u0027t meant to on the dependency map. However, the name of an object will not be revealed nor does this grant access to a host\u0027s or service\u0027s detail view. Please note that this only affects the restrictions `filter/hosts` and `filter/services`. `filter/objects` is not affected by this and restricts objects as it is supposed to. Version 1.2.2 applies these restrictions properly. As a workaround, one may downgrade to version 1.1.3."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-16T13:34:37.477Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingadb-web/security/advisories/GHSA-q2w7-mrx8-5473",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingadb-web/security/advisories/GHSA-q2w7-mrx8-5473"
            },
            {
              "name": "https://github.com/Icinga/icingadb-web/releases/tag/v1.2.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingadb-web/releases/tag/v1.2.2"
            }
          ],
          "source": {
            "advisory": "GHSA-q2w7-mrx8-5473",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga DB Web Exposure of Sensitive Information to an Unauthorized Actor vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-53840",
        "datePublished": "2025-07-16T13:34:37.477Z",
        "dateReserved": "2025-07-09T14:14:52.532Z",
        "dateUpdated": "2025-07-18T14:56:03.369Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-48057 (GCVE-0-2025-48057)

    Vulnerability from cvelistv5 – Published: 2025-05-27 16:32 – Updated: 2025-05-27 18:27
    VLAI
    Title
    Icinga 2 certificate renewal might incorrectly renew an invalid certificate
    Summary
    Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-296 - Improper Following of a Certificate's Chain of Trust
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icinga2 Affected: >= 2.14.0, < 2.14.6
    Affected: >= 2.13.0, < 2.13.12
    Affected: < 2.12.12
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-48057",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-27T18:20:40.298192Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-27T18:27:57.002Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icinga2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.14.0, \u003c 2.14.6"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.13.0, \u003c 2.13.12"
                },
                {
                  "status": "affected",
                  "version": "\u003c 2.12.12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-296",
                  "description": "CWE-296: Improper Following of a Certificate\u0027s Chain of Trust",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-27T16:32:29.931Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f"
            },
            {
              "name": "https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d"
            }
          ],
          "source": {
            "advisory": "GHSA-7vcf-f5v9-3wr6",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga 2 certificate renewal might incorrectly renew an invalid certificate"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-48057",
        "datePublished": "2025-05-27T16:32:29.931Z",
        "dateReserved": "2025-05-15T16:06:40.940Z",
        "dateUpdated": "2025-05-27T18:27:57.002Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-30164 (GCVE-0-2025-30164)

    Vulnerability from cvelistv5 – Published: 2025-03-26 16:13 – Updated: 2025-05-12 15:41
    VLAI
    Title
    Icinga Web 2 has open redirect on login page
    Summary
    Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an attacker to craft a URL that, once visited by an authenticated user (or one that is able to authenticate), allows to manipulate the backend to redirect the user to any location. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. No known workarounds are available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icingaweb2 Affected: < 2.11.5
    Affected: >= 2.12.0, < 2.12.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-30164",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T17:11:13.990106Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-12T15:41:08.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.11.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.12.0, \u003c 2.12.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an attacker to craft a URL that, once visited by an authenticated user (or one that is able to authenticate), allows to manipulate the backend to redirect the user to any location. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. No known workarounds are available."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-601",
                  "description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T16:13:26.590Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-8r73-6686-wv8q",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-8r73-6686-wv8q"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3"
            }
          ],
          "source": {
            "advisory": "GHSA-8r73-6686-wv8q",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga Web 2 has open redirect on login page"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-30164",
        "datePublished": "2025-03-26T16:13:26.590Z",
        "dateReserved": "2025-03-17T12:41:42.567Z",
        "dateUpdated": "2025-05-12T15:41:08.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-27609 (GCVE-0-2025-27609)

    Vulnerability from cvelistv5 – Published: 2025-03-26 16:10 – Updated: 2025-03-26 18:05
    VLAI
    Title
    Icinga Web 2 Vulnerable to Reflected XSS
    Summary
    Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a request that, once transmitted to a victim's Icinga Web, allows to embed arbitrary Javascript into it and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings. Any modern browser with a working CORS implementation also sufficiently guards against the vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icingaweb2 Affected: < 2.11.5
    Affected: >= 2.12.0, < 2.12.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-27609",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T17:11:55.741138Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T18:05:36.741Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.11.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.12.0, \u003c 2.12.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a request that, once transmitted to a victim\u0027s Icinga Web, allows to embed arbitrary Javascript into it and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings. Any modern browser with a working CORS implementation also sufficiently guards against the vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 1.1,
                "baseSeverity": "LOW",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T16:10:19.223Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-5cjw-fwjc-8j38",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-5cjw-fwjc-8j38"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3"
            }
          ],
          "source": {
            "advisory": "GHSA-5cjw-fwjc-8j38",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga Web 2 Vulnerable to Reflected XSS"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-27609",
        "datePublished": "2025-03-26T16:10:19.223Z",
        "dateReserved": "2025-03-03T15:10:34.079Z",
        "dateUpdated": "2025-03-26T18:05:36.741Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-27406 (GCVE-0-2025-27406)

    Vulnerability from cvelistv5 – Published: 2025-03-26 15:49 – Updated: 2025-03-26 16:15
    VLAI
    Title
    Icinga Reporting Stored XSS leads to SSRF
    Summary
    Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows to set up a template that allows to embed arbitrary Javascript. This enables the attacker to act on behalf of the user, if the template is being previewed; and act on behalf of the headless browser, if a report using the template is printed to PDF. This issue has been resolved in version 1.0.3 of Icinga Reporting. As a workaround, review all templates and remove suspicious settings.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Icinga icingaweb2-module-reporting Affected: >= 0.10.0, < 1.0.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-27406",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T16:15:15.393303Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T16:15:22.593Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2-module-reporting",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.10.0, \u003c 1.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows to set up a template that allows to embed arbitrary Javascript. This enables the attacker to act on behalf of the user, if the template is being previewed; and act on behalf of the headless browser, if a report using the template is printed to PDF. This issue has been resolved in version 1.0.3 of Icinga Reporting. As a workaround, review all templates and remove suspicious settings."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918: Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T15:49:45.273Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2-module-reporting/security/advisories/GHSA-7qvq-54vm-r7hx",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-reporting/security/advisories/GHSA-7qvq-54vm-r7hx"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2-module-reporting/releases/tag/v1.0.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-reporting/releases/tag/v1.0.3"
            }
          ],
          "source": {
            "advisory": "GHSA-7qvq-54vm-r7hx",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga Reporting Stored XSS leads to SSRF"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-27406",
        "datePublished": "2025-03-26T15:49:45.273Z",
        "dateReserved": "2025-02-24T15:51:17.267Z",
        "dateUpdated": "2025-03-26T16:15:22.593Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-27405 (GCVE-0-2025-27405)

    Vulnerability from cvelistv5 – Published: 2025-03-26 15:10 – Updated: 2025-03-26 15:57
    VLAI
    Title
    Icinga Web 2 has XSS in embedded content
    Summary
    Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icingaweb2 Affected: < 2.11.5
    Affected: >= 2.12.0, < 2.12.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-27405",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T15:32:25.389310Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T15:57:52.238Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.11.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.12.0, \u003c 2.12.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T15:10:10.288Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-3x37-fjc3-ch8w",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-3x37-fjc3-ch8w"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3"
            }
          ],
          "source": {
            "advisory": "GHSA-3x37-fjc3-ch8w",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga Web 2 has XSS in embedded content"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-27405",
        "datePublished": "2025-03-26T15:10:10.288Z",
        "dateReserved": "2025-02-24T15:51:17.267Z",
        "dateUpdated": "2025-03-26T15:57:52.238Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-27404 (GCVE-0-2025-27404)

    Vulnerability from cvelistv5 – Published: 2025-03-26 14:21 – Updated: 2025-03-26 15:10
    VLAI
    Title
    Icinga Web 2 DOM-based XSS vulnerability
    Summary
    Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icingaweb2 Affected: < 2.11.5
    Affected: >= 2.12.0, < 2.12.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-27404",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T14:53:16.085511Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T14:53:31.777Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.11.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.12.0, \u003c 2.12.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T15:10:01.679Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-c6pg-h955-wf66",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-c6pg-h955-wf66"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3"
            }
          ],
          "source": {
            "advisory": "GHSA-c6pg-h955-wf66",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga Web 2 DOM-based XSS vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-27404",
        "datePublished": "2025-03-26T14:21:05.363Z",
        "dateReserved": "2025-02-24T15:51:17.267Z",
        "dateUpdated": "2025-03-26T15:10:01.679Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-23203 (GCVE-0-2025-23203)

    Vulnerability from cvelistv5 – Published: 2025-03-26 13:44 – Updated: 2026-01-20 19:13
    VLAI
    Title
    Icinga has rest API endpoints accessible to restricted users
    Summary
    Icinga Director is an Icinga config deployment tool. A Security vulnerability has been found starting in version 1.0.0 and prior to 1.10.4 and 1.11.4 on several director endpoints of REST API. To reproduce this vulnerability an authenticated user with permission to access the Director is required (plus api access with regard to the api endpoints). And even though some of these Icinga Director users are restricted from accessing certain objects, are able to retrieve information related to them if their name is known. This makes it possible to change the configuration of these objects by those Icinga Director users restricted from accessing them. This results in further exploitation, data breaches and sensitive information disclosure. Affected endpoints include icingaweb2/director/service, if the host name is left out of the query; icingaweb2/directore/notification; icingaweb2/director/serviceset; and icingaweb2/director/scheduled-downtime. In addition, the endpoint `icingaweb2/director/services?host=filteredHostName` returns a status code 200 even though the services for the host is filtered. This in turn lets the restricted user know that the host `filteredHostName` exists even though the user is restricted from accessing it. This could again result in further exploitation of this information and data breaches. Icinga Director has patches in versions 1.10.4 and 1.11.4. If upgrading is not feasible, disable the director module for the users other than admin role for the time being.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Icinga icingaweb2-module-director Affected: >= 1.0.0, < 1.10.4
    Affected: >= 1.11.0, < 1.11.4
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-23203",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T14:07:51.611117Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-02T16:02:38.737Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "icingaweb2-module-director",
              "vendor": "Icinga",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.10.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.11.0, \u003c 1.11.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Icinga Director is an Icinga config deployment tool. A Security vulnerability has been found starting in version 1.0.0 and prior to 1.10.4 and 1.11.4 on several director endpoints of REST API. To reproduce this vulnerability an authenticated user with permission to access the Director is required (plus api access with regard to the api endpoints). And even though some of these Icinga Director users are restricted from accessing certain objects, are able to retrieve information related to them if their name is known. This makes it possible to change the configuration of these objects by those Icinga Director users restricted from accessing them. This results in further exploitation, data breaches and sensitive information disclosure. Affected endpoints include icingaweb2/director/service, if the host name is left out of the query; icingaweb2/directore/notification; icingaweb2/director/serviceset; and icingaweb2/director/scheduled-downtime. In addition, the endpoint `icingaweb2/director/services?host=filteredHostName` returns a status code 200 even though the services for the host is filtered. This in turn lets the restricted user know that the host `filteredHostName` exists even though the user is restricted from accessing it.  This could again result in further exploitation of this information and data breaches. Icinga Director has patches in versions 1.10.4 and 1.11.4. If upgrading is not feasible, disable the director module for the users other than admin role for the time being."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284: Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-20T19:13:43.844Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3233-ggc5-m3qg",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3233-ggc5-m3qg"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2-module-director/commit/3fcb20178ff1722329bf8689795e6cc8e53a9978",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-director/commit/3fcb20178ff1722329bf8689795e6cc8e53a9978"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2-module-director/commit/8d9ecf3b0a852aa2a756c518ef4f29db9ca0f9ee",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-director/commit/8d9ecf3b0a852aa2a756c518ef4f29db9ca0f9ee"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2-module-director/releases/tag/v1.10.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-director/releases/tag/v1.10.4"
            },
            {
              "name": "https://github.com/Icinga/icingaweb2-module-director/releases/tag/v1.11.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/Icinga/icingaweb2-module-director/releases/tag/v1.11.4"
            }
          ],
          "source": {
            "advisory": "GHSA-3233-ggc5-m3qg",
            "discovery": "UNKNOWN"
          },
          "title": "Icinga has rest API endpoints accessible to restricted users"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-23203",
        "datePublished": "2025-03-26T13:44:58.110Z",
        "dateReserved": "2025-01-13T17:15:41.050Z",
        "dateUpdated": "2026-01-20T19:13:43.844Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }