PT-2020-17239 · Icinga+1 · Icinga 2+1

N-O-X

Published

2020-12-15

Updated

2024-06-15

CVE-2020-29663

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Icinga 2 versions 2.8.0 through 2.11.7 Icinga 2 version 2.12.2

Description The issue arises when revoked certificates due for renewal are automatically renewed, ignoring the Certificate Revocation List (CRL). This means that even if a certificate has been revoked, the system will still renew it, potentially allowing unauthorized access.

Recommendations For Icinga 2 versions 2.8.0 through 2.11.7, update to version 2.11.8 or later. For Icinga 2 version 2.12.2, update to version 2.12.3 or later.

Fix

Improper Certificate Validation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-295

Related Identifiers

CVE-2020-29663

GHSA-PCMR-2P2F-R7J6

OPENSUSE-SU-2021:1029-1

OPENSUSE-SU-2021:1053-1

OPENSUSE-SU-2021:1054-1

OPENSUSE-SU-2021:1069-1

OPENSUSE-SU-2021:1089-1

OPENSUSE-SU-2021_1029-1

OPENSUSE-SU-2021_1089-1

OPENSUSE-SU-2024:10856-1

SUSE-SU-2022:3725-1

Affected Products

Icinga 2

Suse

PT-2020-17239 · Icinga+1 · Icinga 2+1

CVE-2020-29663

Weakness Enumeration

Related Identifiers

Affected Products

References · 36