PT-2018-17616 · Icinga · Icinga
Crunsher
·
Published
2018-02-27
·
Updated
2018-03-23
·
CVE-2018-6532
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Icinga versions 2.x through 2.8.1
Description
An issue allows an attacker to exhaust a lot of memory on the server side by sending specially crafted requests, triggering the OOM killer. This can be done through both authenticated and unauthenticated requests.
Recommendations
For versions 2.x through 2.8.1, update to a version that contains a fix for this issue to prevent memory exhaustion attacks.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Icinga