CVE-2024-49369 | Icinga icinga2 up to 2.11.11/2.12.10/2.13.9/2.14.2 TLS Certificate client_cn certificate validation (GHSA-j7wq-r9mg-9wpv)

Inserito da Angelo Barbosa | Nov 12, 2024 | CVE

A vulnerability classified as problematic was found in Icinga icinga2 up to 2.11.11/2.12.10/2.13.9/2.14.2. This vulnerability affects unknown code of the component TLS Certificate Handler. The manipulation of the argument client_cn leads to improper certificate validation.

This vulnerability was named CVE-2024-49369. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49369 | Icinga icinga2 up to 2.11.11/2.12.10/2.13.9/2.14.2 TLS Certificate client_cn certificate validation (GHSA-j7wq-r9mg-9wpv)

Post correlati

CVE-2024-0455 | mintplex-labs anything-llm up to 0.0.x server-side request forgery

CVE-2024-7503 | WooCommerce plugin up to 2.7.5 on WordPress improper authentication

CVE-2024-43963 | WaspThemes YellowPencil Visual CSS Style Editor Plugin up to 7.6.1 on WordPress cross site scripting

CVE-2023-50550 | layui up to 2.74 data-content cross site scripting