Vulnerabilities (CVE)

Filtered by vendor Icinga Subscribe

Filtered by product Icinga Web 2

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-24368	2 Debian, Icinga	2 Debian Linux, Icinga Web 2	2020-10-16	4.3 MEDIUM	7.5 HIGH
Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2.
CVE-2018-18250	1 Icinga	1 Icinga Web 2	2020-08-24	5.0 MEDIUM	7.5 HIGH
Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item.