CVE-2025-48057 (GCVE-0-2025-48057)
Vulnerability from cvelistv5
Published
2025-05-27 16:32
Modified
2025-05-27 18:27
Severity ?
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
Summary
Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6.
References
security-advisories@github.comhttps://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152
security-advisories@github.comhttps://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb
security-advisories@github.comhttps://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776
security-advisories@github.comhttps://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f
security-advisories@github.comhttps://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d
security-advisories@github.comhttps://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6
Impacted products
Vendor Product Version
Icinga icinga2 Version: >= 2.14.0, < 2.14.6
Version: >= 2.13.0, < 2.13.12
Version: < 2.12.12
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48057",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-27T18:20:40.298192Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-27T18:27:57.002Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "icinga2",
          "vendor": "Icinga",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.14.0, \u003c 2.14.6"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.13.0, \u003c 2.13.12"
            },
            {
              "status": "affected",
              "version": "\u003c 2.12.12"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-296",
              "description": "CWE-296: Improper Following of a Certificate\u0027s Chain of Trust",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-27T16:32:29.931Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6"
        },
        {
          "name": "https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152"
        },
        {
          "name": "https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb"
        },
        {
          "name": "https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776"
        },
        {
          "name": "https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f"
        },
        {
          "name": "https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d"
        }
      ],
      "source": {
        "advisory": "GHSA-7vcf-f5v9-3wr6",
        "discovery": "UNKNOWN"
      },
      "title": "Icinga 2 certificate renewal might incorrectly renew an invalid certificate"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-48057",
    "datePublished": "2025-05-27T16:32:29.931Z",
    "dateReserved": "2025-05-15T16:06:40.940Z",
    "dateUpdated": "2025-05-27T18:27:57.002Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-48057\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-05-27T17:15:26.387\",\"lastModified\":\"2025-05-28T15:01:30.720\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6.\"},{\"lang\":\"es\",\"value\":\"Icinga 2 es un sistema de monitorizaci\u00f3n que comprueba la disponibilidad de los recursos de red, notifica a los usuarios sobre interrupciones y genera datos de rendimiento para la generaci\u00f3n de informes. En versiones anteriores a las 2.12.12, 2.13.12 y 2.14.6, la funci\u00f3n VerifyCertificate() pod\u00eda ser manipulada para que tratara incorrectamente los certificados como v\u00e1lidos. Esto permite a un atacante enviar una solicitud de certificado maliciosa que se trata como una renovaci\u00f3n de un certificado ya existente, lo que permite al atacante obtener un certificado v\u00e1lido que puede usar para suplantar nodos de confianza. Esto solo ocurre cuando Icinga 2 se compila con OpenSSL anterior a la versi\u00f3n 1.1.0. Este problema se ha corregido en las versiones 2.12.12, 2.13.12 y 2.14.6.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-296\"}]}],\"references\":[{\"url\":\"https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-48057\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-27T18:20:40.298192Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-27T18:27:50.828Z\"}}], \"cna\": {\"title\": \"Icinga 2 certificate renewal might incorrectly renew an invalid certificate\", \"source\": {\"advisory\": \"GHSA-7vcf-f5v9-3wr6\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 9.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"LOW\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Icinga\", \"product\": \"icinga2\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 2.14.0, \u003c 2.14.6\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.13.0, \u003c 2.13.12\"}, {\"status\": \"affected\", \"version\": \"\u003c 2.12.12\"}]}], \"references\": [{\"url\": \"https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6\", \"name\": \"https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152\", \"name\": \"https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb\", \"name\": \"https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776\", \"name\": \"https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f\", \"name\": \"https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d\", \"name\": \"https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-296\", \"description\": \"CWE-296: Improper Following of a Certificate\u0027s Chain of Trust\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-05-27T16:32:29.931Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-48057\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-27T18:27:57.002Z\", \"dateReserved\": \"2025-05-15T16:06:40.940Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-05-27T16:32:29.931Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.