Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-03-08T00:00:00
Updated: 2024-08-03T04:20:49.887Z
Reserved: 2022-02-10T00:00:00
Link: CVE-2022-24716
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-03-08T20:15:07.853
Modified: 2024-11-21T06:50:56.390
Link: CVE-2022-24716
Redhat
No data.