CVE-2021-32746 Possible path traversal by use of the `doc` module

2021-07-1222:25:11

CWE-22

GitHub_M

www.cve.org

icinga web 2

path traversal

doc module

security vulnerability

version 2.3.0

version 2.8.2

web-server user

arbitrary files

permission management

fix

disable module

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

42.9%

JSON

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Between versions 2.3.0 and 2.8.2, the doc module of Icinga Web 2 allows to view documentation directly in the UI. It must be enabled manually by an administrator and users need explicit access permission to use it. Then, by visiting a certain route, it is possible to gain access to arbitrary files readable by the web-server user. The issue has been fixed in the 2.9.0, 2.8.3, and 2.7.5 releases. As a workaround, an administrator may disable the doc module or revoke permission to use it from all users.

CNA Affected

[
  {
    "product": "icingaweb2",
    "vendor": "Icinga",
    "versions": [
      {
        "status": "affected",
        "version": ">= 2.3.0, <= 2.8.2"
      }
    ]
  }
]