CVE-2017-16882

Name of the Vulnerable Software and Affected Versions Icinga Core versions prior to 1.14.0 Icinga Core through 1.14.0

Description The issue allows local users to gain privileges by leveraging access to a non-root account. This is related to the execution of bin/icinga as root and the support of configuration options where certain files are owned by a non-root account. The affected components include bin/icingastats, bin/ido2db, and bin/log2ido.

Recommendations For Icinga Core versions prior to 1.14.0, update to version 1.14.0 or later to resolve the issue. For Icinga Core through 1.14.0, update to version 1.14.0 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.