Search CVE reports
1 – 10 of 55 results
CVE-2024-49369
Medium priorityIcinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0...
1 affected packages
icinga2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-41811
Medium priorityipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF). All affected products, in any version, will...
1 affected packages
icinga-php-library
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga-php-library | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-24820
Medium priorityIcinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request...
1 affected packages
icingaweb2-module-director
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icingaweb2-module-director | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
CVE-2022-38254
Medium priorityNagios XI before v5.8.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the ajax.php script in CCM 3.1.5.
3 affected packages
icinga, nagios3, nagios4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios3 | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios4 | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2022-38251
Medium priorityNagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.
3 affected packages
icinga, nagios3, nagios4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios3 | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios4 | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2022-38250
Medium priorityNagios XI v5.8.6 was discovered to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page.
3 affected packages
icinga, nagios3, nagios4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios3 | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios4 | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2022-38249
Medium priorityNagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4.
3 affected packages
icinga, nagios3, nagios4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios3 | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios4 | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2022-38248
Medium priorityNagios XI before v5.8.7 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at auditlog.php.
3 affected packages
icinga, nagios3, nagios4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios3 | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios4 | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2022-38247
Medium priorityNagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel.
3 affected packages
icinga, nagios3, nagios4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios3 | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
nagios4 | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2022-36032
Medium priorityReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the...
2 affected packages
icinga-php-thirdparty, icingaweb2-module-reactbundle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga-php-thirdparty | Needs evaluation | Needs evaluation | Not in release | Not in release | Ignored |
icingaweb2-module-reactbundle | Needs evaluation | Needs evaluation | Not in release | Not in release | Ignored |