CVE-2025-61789

by Fred · 16/10/2025

Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values assigned to it. Versions 1.1.4 and 1.2.3 respond with an error if such a custom variable is used.

More information : https://github.com/Icinga/icingadb-web/commit/5e982dad40ec379075307ab1693580138e675b18

CVE-2025-61789

Similar

Recent Posts

Categories

CVE-2025-61789

Share this:

Similar

Recent Posts

Categories

Tags