cve-2024-24820
Vulnerability from cvelistv5
Published
2024-02-09 00:00
Modified
2024-08-01 23:28
Severity ?
8.3 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L
Summary
Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request forgery (CSRF). It enables attackers to perform changes in the monitoring environment managed by Icinga Director without the awareness of the victim. Users of the map module in version 1.x, should immediately upgrade to v2.0. The mentioned XSS vulnerabilities in Icinga Web are already fixed as well and upgrades to the most recent release of the 2.9, 2.10 or 2.11 branch must be performed if not done yet. Any later major release is also suitable. Icinga Director will receive minor updates to the 1.8, 1.9, 1.10 and 1.11 branches to remedy this issue. Upgrade immediately to a patched release. If that is not feasible, disable the director module for the time being.
References
security-advisories@github.comhttps://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/Press/Media Coverage
security-advisories@github.comhttps://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3mwp-5p5v-j6q3Third Party Advisory
security-advisories@github.comhttps://github.com/Icinga/icingaweb2/issues?q=is%3Aissue++is%3Aclosed+4979+4960+4947Issue Tracking
security-advisories@github.comhttps://github.com/nbuchwitz/icingaweb2-module-map/pull/86Exploit
security-advisories@github.comhttps://support.apple.com/en-is/guide/safari/sfri11471/16.0Third Party Advisory
security-advisories@github.comhttps://www.chromium.org/updates/same-site/Issue Tracking
af854a3a-2127-422b-91ae-364da2661108https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3mwp-5p5v-j6q3Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Icinga/icingaweb2/issues?q=is%3Aissue++is%3Aclosed+4979+4960+4947Issue Tracking
af854a3a-2127-422b-91ae-364da2661108https://github.com/nbuchwitz/icingaweb2-module-map/pull/86Exploit
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/en-is/guide/safari/sfri11471/16.0Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.chromium.org/updates/same-site/Issue Tracking
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:28:12.840Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3mwp-5p5v-j6q3",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3mwp-5p5v-j6q3"
          },
          {
            "name": "https://github.com/nbuchwitz/icingaweb2-module-map/pull/86",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/nbuchwitz/icingaweb2-module-map/pull/86"
          },
          {
            "name": "https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/"
          },
          {
            "name": "https://github.com/Icinga/icingaweb2/issues?q=is%3Aissue++is%3Aclosed+4979+4960+4947",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Icinga/icingaweb2/issues?q=is%3Aissue++is%3Aclosed+4979+4960+4947"
          },
          {
            "name": "https://support.apple.com/en-is/guide/safari/sfri11471/16.0",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-is/guide/safari/sfri11471/16.0"
          },
          {
            "name": "https://www.chromium.org/updates/same-site/",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.chromium.org/updates/same-site/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "icingaweb2-module-director",
          "vendor": "Icinga",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e=1.0.0, \u003c 1.8.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.9.0, \u003c 1.9.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.10.0, \u003c 1.10.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.11.0, \u003c 1.11.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director\u0027s configuration forms used to manipulate the monitoring environment are protected against cross site request forgery (CSRF). It enables attackers to perform changes in the monitoring environment managed by Icinga Director without the awareness of the victim. Users of the map module in version 1.x, should immediately upgrade to v2.0. The mentioned XSS vulnerabilities in Icinga Web are already fixed as well and upgrades to the most recent release of the 2.9, 2.10 or 2.11 branch must be performed if not done yet. Any later major release is also suitable. Icinga Director will receive minor updates to the 1.8, 1.9, 1.10 and 1.11 branches to remedy this issue. Upgrade immediately to a patched release. If that is not feasible, disable the director module for the time being."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-352",
              "description": "CWE-352: Cross-Site Request Forgery (CSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-09T00:00:00.692Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3mwp-5p5v-j6q3",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3mwp-5p5v-j6q3"
        },
        {
          "name": "https://github.com/nbuchwitz/icingaweb2-module-map/pull/86",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nbuchwitz/icingaweb2-module-map/pull/86"
        },
        {
          "name": "https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/"
        },
        {
          "name": "https://github.com/Icinga/icingaweb2/issues?q=is%3Aissue++is%3Aclosed+4979+4960+4947",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Icinga/icingaweb2/issues?q=is%3Aissue++is%3Aclosed+4979+4960+4947"
        },
        {
          "name": "https://support.apple.com/en-is/guide/safari/sfri11471/16.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.apple.com/en-is/guide/safari/sfri11471/16.0"
        },
        {
          "name": "https://www.chromium.org/updates/same-site/",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.chromium.org/updates/same-site/"
        }
      ],
      "source": {
        "advisory": "GHSA-3mwp-5p5v-j6q3",
        "discovery": "UNKNOWN"
      },
      "title": "Icinga Director configuration is susceptible to Cross-Site Request Forgery"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-24820",
    "datePublished": "2024-02-09T00:00:00.692Z",
    "dateReserved": "2024-01-31T16:28:17.943Z",
    "dateUpdated": "2024-08-01T23:28:12.840Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icinga:icinga:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"1.8.2\", \"matchCriteriaId\": \"0B846BE2-8F30-4A4A-A62B-F5205F5623D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icinga:icinga:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.9.0\", \"versionEndExcluding\": \"1.9.2\", \"matchCriteriaId\": \"365FE35F-72DF-4287-9FDF-6D7E987C9534\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icinga:icinga:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.10.0\", \"versionEndExcluding\": \"1.10.3\", \"matchCriteriaId\": \"D59D8750-4A96-4F59-9C75-EF57F9ABD2ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icinga:icinga:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.11.0\", \"versionEndExcluding\": \"1.11.3\", \"matchCriteriaId\": \"87E0A7CE-F6C5-4931-BE94-D36DC69A4005\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director\u0027s configuration forms used to manipulate the monitoring environment are protected against cross site request forgery (CSRF). It enables attackers to perform changes in the monitoring environment managed by Icinga Director without the awareness of the victim. Users of the map module in version 1.x, should immediately upgrade to v2.0. The mentioned XSS vulnerabilities in Icinga Web are already fixed as well and upgrades to the most recent release of the 2.9, 2.10 or 2.11 branch must be performed if not done yet. Any later major release is also suitable. Icinga Director will receive minor updates to the 1.8, 1.9, 1.10 and 1.11 branches to remedy this issue. Upgrade immediately to a patched release. If that is not feasible, disable the director module for the time being.\"}, {\"lang\": \"es\", \"value\": \"Icinga Director es una herramienta manipulada para facilitar el manejo de la configuraci\\u00f3n de Icinga 2. Ninguno de los formularios de configuraci\\u00f3n de Icinga Director utilizados para manipular el entorno de monitoreo est\\u00e1 protegido contra cross site request forgery (CSRF). Permite a los atacantes realizar cambios en el entorno de monitoreo administrado por Icinga Director sin el conocimiento de la v\\u00edctima. Los usuarios del m\\u00f3dulo de mapas en la versi\\u00f3n 1.x deben actualizar inmediatamente a la versi\\u00f3n 2.0. Las vulnerabilidades XSS mencionadas en Icinga Web tambi\\u00e9n ya est\\u00e1n solucionadas y se deben realizar actualizaciones a la versi\\u00f3n m\\u00e1s reciente de la rama 2.9, 2.10 o 2.11 si a\\u00fan no se han hecho. Cualquier versi\\u00f3n importante posterior tambi\\u00e9n es adecuada. Icinga Director recibir\\u00e1 actualizaciones menores para las ramas 1.8, 1.9, 1.10 y 1.11 para solucionar este problema. Actualice inmediatamente a una versi\\u00f3n parcheada. Si eso no es posible, desactive el m\\u00f3dulo director por el momento.\"}]",
      "id": "CVE-2024-24820",
      "lastModified": "2024-11-21T08:59:47.043",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L\", \"baseScore\": 8.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 1.7, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L\", \"baseScore\": 8.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.5}]}",
      "published": "2024-02-09T00:15:08.437",
      "references": "[{\"url\": \"https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3mwp-5p5v-j6q3\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/Icinga/icingaweb2/issues?q=is%3Aissue++is%3Aclosed+4979+4960+4947\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/nbuchwitz/icingaweb2-module-map/pull/86\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://support.apple.com/en-is/guide/safari/sfri11471/16.0\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.chromium.org/updates/same-site/\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3mwp-5p5v-j6q3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/Icinga/icingaweb2/issues?q=is%3Aissue++is%3Aclosed+4979+4960+4947\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/nbuchwitz/icingaweb2-module-map/pull/86\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://support.apple.com/en-is/guide/safari/sfri11471/16.0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.chromium.org/updates/same-site/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-24820\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-02-09T00:15:08.437\",\"lastModified\":\"2024-11-21T08:59:47.043\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director\u0027s configuration forms used to manipulate the monitoring environment are protected against cross site request forgery (CSRF). It enables attackers to perform changes in the monitoring environment managed by Icinga Director without the awareness of the victim. Users of the map module in version 1.x, should immediately upgrade to v2.0. The mentioned XSS vulnerabilities in Icinga Web are already fixed as well and upgrades to the most recent release of the 2.9, 2.10 or 2.11 branch must be performed if not done yet. Any later major release is also suitable. Icinga Director will receive minor updates to the 1.8, 1.9, 1.10 and 1.11 branches to remedy this issue. Upgrade immediately to a patched release. If that is not feasible, disable the director module for the time being.\"},{\"lang\":\"es\",\"value\":\"Icinga Director es una herramienta manipulada para facilitar el manejo de la configuraci\u00f3n de Icinga 2. Ninguno de los formularios de configuraci\u00f3n de Icinga Director utilizados para manipular el entorno de monitoreo est\u00e1 protegido contra cross site request forgery (CSRF). Permite a los atacantes realizar cambios en el entorno de monitoreo administrado por Icinga Director sin el conocimiento de la v\u00edctima. Los usuarios del m\u00f3dulo de mapas en la versi\u00f3n 1.x deben actualizar inmediatamente a la versi\u00f3n 2.0. Las vulnerabilidades XSS mencionadas en Icinga Web tambi\u00e9n ya est\u00e1n solucionadas y se deben realizar actualizaciones a la versi\u00f3n m\u00e1s reciente de la rama 2.9, 2.10 o 2.11 si a\u00fan no se han hecho. Cualquier versi\u00f3n importante posterior tambi\u00e9n es adecuada. Icinga Director recibir\u00e1 actualizaciones menores para las ramas 1.8, 1.9, 1.10 y 1.11 para solucionar este problema. Actualice inmediatamente a una versi\u00f3n parcheada. Si eso no es posible, desactive el m\u00f3dulo director por el momento.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.7,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":5.5}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icinga:icinga:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.8.2\",\"matchCriteriaId\":\"0B846BE2-8F30-4A4A-A62B-F5205F5623D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icinga:icinga:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.9.0\",\"versionEndExcluding\":\"1.9.2\",\"matchCriteriaId\":\"365FE35F-72DF-4287-9FDF-6D7E987C9534\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icinga:icinga:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.10.0\",\"versionEndExcluding\":\"1.10.3\",\"matchCriteriaId\":\"D59D8750-4A96-4F59-9C75-EF57F9ABD2ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icinga:icinga:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.11.0\",\"versionEndExcluding\":\"1.11.3\",\"matchCriteriaId\":\"87E0A7CE-F6C5-4931-BE94-D36DC69A4005\"}]}]}],\"references\":[{\"url\":\"https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3mwp-5p5v-j6q3\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/Icinga/icingaweb2/issues?q=is%3Aissue++is%3Aclosed+4979+4960+4947\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nbuchwitz/icingaweb2-module-map/pull/86\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://support.apple.com/en-is/guide/safari/sfri11471/16.0\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.chromium.org/updates/same-site/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://github.com/Icinga/icingaweb2-module-director/security/advisories/GHSA-3mwp-5p5v-j6q3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/Icinga/icingaweb2/issues?q=is%3Aissue++is%3Aclosed+4979+4960+4947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nbuchwitz/icingaweb2-module-map/pull/86\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://support.apple.com/en-is/guide/safari/sfri11471/16.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.chromium.org/updates/same-site/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.