CVE-2025-23203
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2025-23203: Icinga Director, an Icinga config deployment tool, contains a vulnerability impacting versions 1.0.0 and earlier, up to 1.10.3 and 1.11.3. An authenticated user, even one with restricted access, can retrieve information about objects they are not permitted to access, which can lead to configuration changes, data breaches, and sensitive information disclosure. The affected API endpoints are `icingaweb2/director/service`, `icingaweb2/director/notification`, `icingaweb2/director/serviceset`, and `icingaweb2/director/scheduled-downtime`. Additionally, the `icingaweb2/director/services?host=filteredHostName` endpoint returns HTTP status code 200, revealing the existence of the restricted `filteredHostName` host. The Icinga Director project recommends upgrading to version 1.10.3 or 1.11.1, or disabling the director module for non-admin roles as a temporary workaround.