Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account (and similarly can have etc/icinga.cfg owned by a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Information Disclosure
Icinga
NVD
GitHub
CVSS 3.0
7.8
EPSS
0.0%