Privilege Escalation Vulnerability in Icinga 2.x through 2.8.1

Privilege Escalation Vulnerability in Icinga 2.x through 2.8.1

CVE-2018-6533 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

An issue was discovered in Icinga 2.x through 2.8.1. By editing the init.conf file, Icinga 2 can be run as root. Following this the program can be used to run arbitrary code as root. This was fixed by no longer using init.conf to determine account information for any root-executed code (a larger issue than CVE-2017-16933).

Learn more about our Web Application Penetration Testing UK.