Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Icinga 2 API users could access restricted values in filter expressions
Vulnerability Description
Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information that should be hidden from them, including global variables not permitted by the variables permission and objects not permitted by the corresponding objects/query permissions. The vulnerability is fixed in versions 2.15.1, 2.14.7, and 2.13.13.
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
Icinga 2 安全漏洞
Vulnerability Description
Icinga 2是Icinga开源的一个监控系统。 Icinga 2 2.15.0及之前版本存在安全漏洞,该漏洞源于过滤表达式可访问未授权变量或对象,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A