Icinga · Icinga 2 · CVE-2024-49369
**Name of the Vulnerable Software and Affected Versions**
Icinga 2 versions 2.4.0 through 2.11.12
Icinga 2 versions 2.12.0 through 2.12.11
Icinga 2 versions 2.13.0 through 2.13.10
Icinga 2 versions 2.14.0 through 2.14.3
**Description**
Icinga is a monitoring system used to check network resource availability, notify users of outages, and generate performance reports. A flaw exists in the TLS certificate validation process in all Icinga 2 versions starting from 2.4.0. The flaw allows an attacker to impersonate trusted cluster nodes and API users who authenticate with TLS client certificates, specifically those with the `client_cn` attribute set. The vulnerability could allow an attacker to bypass security restrictions and gain unauthorized access to sensitive information or execute arbitrary commands.
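To see which API users fall into the certificate-authenticated group described above, the following added example (not part of the advisory and not Icinga's own tooling) lists the `ApiUser` objects in Icinga 2 configuration text that set `client_cn`. The sample configuration is constructed; the script assumes quoted object names and does not resolve templates or included files.

```python
import re

# Constructed sample configuration (not from a real deployment).
SAMPLE_CONF = r'''
object ApiUser "root" {
  password = "constructed#secret"   // the # is inside a string, not a comment
  permissions = [ "*" ]
}
object ApiUser "satellite-sync" {
  permissions = [ { permission = "objects/query/Host",
                    filter = {{ host.vars.env == "prod" }} } ]
  client_cn = "satellite1.example.org"
}
/* object ApiUser "old" { client_cn = "old.example.org" } */
object ApiUser "dashboard" {
  # client_cn = "disabled.example.org"
  password = "constructed-secret"
}
'''

# A string literal (kept) or a /* */, // or # comment (dropped).
_STR_OR_COMMENT = re.compile(r'("(?:\\.|[^"\\])*")|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
_API_USER = re.compile(r'\bobject\s+ApiUser\s+"([^"]+)"\s*\{')
_STR_OR_BRACE = re.compile(r'"(?:\\.|[^"\\])*"|[{}]')
_CLIENT_CN = re.compile(r'\bclient_cn\s*=\s*"((?:\\.|[^"\\])*)"')

def strip_comments(text):
    """Remove comments while leaving string literals untouched."""
    return _STR_OR_COMMENT.sub(lambda m: m.group(1) or "", text)

def block_body(text, start):
    """Return the text from `start` up to the brace closing the current block."""
    depth = 1
    for m in _STR_OR_BRACE.finditer(text, start):
        if m.group(0) == "{":
            depth += 1
        elif m.group(0) == "}":
            depth -= 1
            if depth == 0:
                return text[start:m.start()]
    return text[start:]  # unterminated block: scan to end of input

def cert_auth_users(conf_text):
    """Map ApiUser name -> client_cn for every ApiUser that sets client_cn."""
    clean = strip_comments(conf_text)
    return {m.group(1): cn.group(1)
            for m in _API_USER.finditer(clean)
            if (cn := _CLIENT_CN.search(block_body(clean, m.end())))}

if __name__ == "__main__":
    for user, cn in cert_auth_users(SAMPLE_CONF).items():
        print(f"ApiUser {user!r} authenticates by certificate CN {cn!r}")
```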
**Recommendations**
Update to Icinga 2 version 2.11.12 or later.
Update to Icinga 2 version 2.12.11 or later.
Update to Icinga 2 version 2.13.10 or later.
Update to Icinga 2 version 2.14.3 or later.