CVE-2017-16933

Name of the Vulnerable Software and Affected Versions Icinga 2 versions 2.x through 2.8.1

Description The issue allows local users to gain privileges by exploiting a chown call for a filename in a user-writable directory. This is achieved by leveraging access to the $ICINGA2 USER account for creation of a link.

Recommendations For Icinga 2 versions 2.x through 2.8.1, consider restricting access to the $ICINGA2 USER account to minimize the risk of exploitation. Additionally, monitor user-writable directories for suspicious activity. At the moment, there is no information about a newer version that contains a fix for this vulnerability.