vulnerability
SUSE: CVE-2022-24715: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:S/C:P/I:P/A:P) | Mar 8, 2022 | Mar 22, 2022 | Oct 26, 2022 |
Severity
6
CVSS
(AV:N/AC:M/Au:S/C:P/I:P/A:P)
Published
Mar 8, 2022
Added
Mar 22, 2022
Modified
Oct 26, 2022
Description
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration.
Solution(s)
suse-upgrade-icingaclisuse-upgrade-icingaweb2suse-upgrade-icingaweb2-commonsuse-upgrade-icingaweb2-vendor-dompdfsuse-upgrade-icingaweb2-vendor-htmlpurifiersuse-upgrade-icingaweb2-vendor-jshrinksuse-upgrade-icingaweb2-vendor-lessphpsuse-upgrade-icingaweb2-vendor-parsedownsuse-upgrade-icingaweb2-vendor-zf1suse-upgrade-php-icinga
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.