Known Vulnerabilities for products from Icinga
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Icinga".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-24893 json | Not Provided | 2026-04-14 | 2026-04-15 | |
| CVE-2023-30607 json | icingaweb2-module-jira provides integration with Atlassian Jira. Starting in version 1.3.0 and prior to version 1.3.2, templa... | 8.8 - HIGH | 2023-07-05 | 2023-07-11 |
| CVE-2022-24716 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-08 | 2023-04-10 |
| CVE-2022-24715 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-03-08 | 2023-07-17 |
| CVE-2022-24714 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-03-08 | 2022-11-09 |
| CVE-2021-37698 json | Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates pe... | 7.5 - HIGH | 2021-08-19 | 2021-12-03 |
| CVE-2021-32747 json | Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which cust... | 6.5 - MEDIUM | 2021-07-12 | 2021-07-15 |
| CVE-2021-32746 json | Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Between versions 2.3.0 and 2.8... | 5.3 - MEDIUM | 2021-07-12 | 2021-07-15 |
| CVE-2021-32743 json | Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates pe... | 8.8 - HIGH | 2021-07-15 | 2021-12-06 |
| CVE-2021-32739 json | Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates pe... | 8.8 - HIGH | 2021-07-15 | 2021-12-03 |
| CVE-2020-29663 json | Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be ren... | 9.1 - CRITICAL | 2020-12-15 | 2020-12-18 |
| CVE-2020-24368 json | Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to a... | 7.5 - HIGH | 2020-08-19 | 2022-12-13 |
| CVE-2020-14004 json | An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) e... | 7.8 - HIGH | 2020-06-12 | 2022-11-16 |
| CVE-2018-18250 json | Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the ... | 7.5 - HIGH | 2018-12-17 | 2020-08-24 |
| CVE-2018-18249 json | Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the chan... | 9.8 - CRITICAL | 2018-12-17 | 2020-01-16 |
| CVE-2018-18248 json | Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir parameter, the /icingaweb2/user/list query string, the ... | 6.1 - MEDIUM | 2018-12-17 | 2020-01-16 |
| CVE-2018-18247 json | Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add icon parameter. | 5.4 - MEDIUM | 2018-12-17 | 2020-01-16 |
| CVE-2018-18246 json | Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or ... | 6.5 - MEDIUM | 2018-12-17 | 2020-01-16 |
| CVE-2018-6536 json | An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after dropping privileges to a no... | 5.5 - MEDIUM | 2018-02-02 | 2019-10-03 |
| CVE-2018-6535 json | An issue was discovered in Icinga 2.x through 2.8.1. The lack of a constant-time password comparison function can disclose th... | 8.1 - HIGH | 2018-02-27 | 2019-10-03 |
Known software with vulnerabilities from Icinga
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Icinga | Icinga | 0.0.1 |
| Application | Icinga | Icinga Web 2 | 1.0-11 |