Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-3441 at MITRE


The database creation script (module/idoutils/db/scripts/ in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via unspecified vectors.
CVSS v2 Scores
  National Vulnerability Database
Base Score 7.48
Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

SUSE information

SUSE Bugzilla entry: 767319 [RESOLVED / FIXED]

SUSE Security Advisories: