Icinga 2 Filter Expression Permission Bypass Vulnerability

Vulnerability

A vulnerability exists in Icinga 2 versions 2.4.0 to 2.15.0, allowing authenticated API users to access restricted global variables and objects through filter expressions in the '/v1/objects' endpoint. This access bypasses normal permission controls, potentially exposing sensitive information.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive global variables and objects, allowing users to obtain information that should be restricted.

Reproduction

To reproduce this vulnerability, an authenticated API user can send a request to the '/v1/objects' endpoint with a filter expression that references global variables or objects. The request will bypass the usual permission checks, allowing access to information that should be hidden.

Remediation

Users can upgrade to Icinga 2 versions 2.15.1, 2.14.7, or 2.13.13, where this vulnerability has been fixed.
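The version ranges above can be turned into an inventory check. This is an added example, not code from the Icinga project or from this page. It assumes that a release on the 2.13, 2.14 or 2.15 branch at or above the listed fixed version carries the fix, and the host names and version strings in the sample inventory are constructed.

```python
import re

# Values taken from the advisory text: affected range and per-branch fixed releases.
FIRST_AFFECTED = (2, 4, 0)
LAST_AFFECTED = (2, 15, 0)
FIXED_PATCH = {(2, 13): 13, (2, 14): 7, (2, 15): 1}


def parse_version(text):
    """Pull (major, minor, patch) out of strings like 'r2.14.5-1' or 'v2.15.0-12-gabc123'."""
    match = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if match is None:
        raise ValueError(f"no x.y.z version in {text!r}")
    return tuple(int(part) for part in match.groups())


def assess(text):
    """Return (status, advice) for one reported Icinga 2 version string."""
    version = parse_version(text)
    branch = version[:2]
    if version < FIRST_AFFECTED:
        return "outside-range", "older than the affected range in the advisory"
    if version > LAST_AFFECTED:
        return "fixed", "newer than the last affected release"
    fixed_patch = FIXED_PATCH.get(branch)
    if fixed_patch is None:
        # Assumption: a branch with no listed fix has to move to a fixed branch.
        return "affected", "no fix listed for this branch; move to 2.13.13, 2.14.7 or 2.15.1"
    if version[2] >= fixed_patch:
        return "fixed", f"includes the {branch[0]}.{branch[1]}.{fixed_patch} fix"
    return "affected", f"upgrade to {branch[0]}.{branch[1]}.{fixed_patch}"


def affected_hosts(inventory):
    """Map each affected host in {host: version string} to its upgrade advice."""
    checked = {host: assess(text) for host, text in inventory.items()}
    return {host: advice for host, (status, advice) in checked.items() if status == "affected"}


# Constructed inventory (hypothetical hosts and version strings), not real data.
SAMPLE_INVENTORY = {
    "mon-a": "r2.14.5-1", "mon-b": "v2.15.0-12-gabc123", "mon-c": "2.12.9",
    "mon-d": "r2.13.13-1", "mon-e": "2.15.1",
}

if __name__ == "__main__":
    for host, advice in affected_hosts(SAMPLE_INVENTORY).items():
        print(f"{host}: {advice}")
```

For the sample inventory, mon-a, mon-b and mon-c are reported as affected, while mon-d and mon-e are already on fixed releases.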

Added: Oct 16, 2025, 6:25 PM
Updated: Oct 16, 2025, 6:25 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.3
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.