Security Advisory

CVE-2025-61789

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-16 17:00:32

Last updated 2025-10-16 18:03:11

Assigner GitHub_M

State PUBLISHED

Description

Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values assigned to it. Versions 1.1.4 and 1.2.3 respond with an error if such a custom variable is used.

← Browse all CVEs View on cve.org ↗