CNNVD-202510-2332 Information

CNNVD ID

CNNVD-202510-2332

Related CVE

CVE-2025-61789

• CNNVD Published: 2025-10-16

Description (Chinese)

Icinga DB Web是Icinga开源的一个Icinga DB数据库的图形界面。 Icinga DB Web 1.1.4之前版本和1.2.3之前版本存在安全漏洞，该漏洞源于授权用户可通过自定义变量猜测受保护或隐藏变量的值。

Description (English)

Icinga DB Web is a graphical interface to an Icinga DB database from Icinga Open Source. There is a security loophole in previous versions of Icinga DB Web 1.1.4 and previous versions of 1.2.3, which stems from the fact that authorized users can guess the value of protected or hidden variables by using custom variables.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Icinga

Published

2025-10-16

Last Modified

2026-02-24

References

https://github.com/Icinga/icingadb-web/commit/5e982dad40ec379075307ab1693580138e675b18 https://github.com/Icinga/icingadb-web/security/advisories/GHSA-w57j-28jc-8429

Patch

https://github.com/Icinga/icingadb-web/releases