CNNVD-202601-4895 Information
CNNVD ID
CNNVD-202601-4895
Related CVE
- CNNVD Published: 2026-01-29
Description (Chinese)
Icinga PowerShell Framework是Icinga开源的一个PowerShell模块。 Icinga PowerShell Framework 1.13.4之前版本、1.12.4之前版本和1.11.2之前版本存在安全漏洞,该漏洞源于证书目录权限设置不当,可能导致所有用户可读取私钥。
Description (English)
Icinga PowerShell Framework is a PowerShell module of the Icinga Open Source. There was a security loophole in the previous versions of Icinga PowerShell Platform 1.13.4, 1.12.4 and 1.11.2, which stemmed from the inappropriate set-up of the certificate directory, which could lead to private keys being readable by all users.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Icinga
Published
2026-01-29
Last Modified
2026-02-24
References
https://github.com/Icinga/icinga-powershell-framework/security/advisories/GHSA-88h5-rrm6-5973 https://icinga.com/blog/releasing-icinga-2-v2-15-2-v2-14-8-v2-13-14-and-icinga-for-windows-v1-13-4-v1-12-4-v1-11-2 https://github.com/Icinga/icinga2/security/advisories/GHSA-vfjg-6fpv-4mmr https://cxsecurity.com/issue/WLB-2026020024
Patch
https://github.com/Icinga/icinga-powershell-framework/releases
Share on: