An update for the package icinga2 is now available for NetEye 4.
NetEye Product Security has rated this update as having a security impact of Critical. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating.
Description
An attacker can leverage the vulnerability to bypass the certificate validation for JSON-RPC and HTTP API connections.
Security Fix for NetEye 4.37:
icinga2-2.14.3_neteye1.53.2-1 (CVE-2024-49369)
Security Fix for NetEye 4.38:
icinga2-2.14.3_neteye1.54.2-1 (CVE-2024-49369)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the links listed in the References section below.
Solution
4.37 Update icinga2 package to icinga2-2.14.3_neteye1.53.2-1
4.38 Update icinga2 package to icinga2-2.14.3_neteye1.54.2-1
For details on how to apply this update, which includes the changes described in this advisory, refer to the NetEye Update Section inside the User Guide.
Affected Products
All NetEye 4.x versions prior to and including 4.38
Important: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elasticsearch and kibana packages is now available for NetEye 4. Security Fix for NetEye 4.44 9.0.8_neteye3.85.1-1 CVEs CVE-2025-25009: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N Read More
TLTR1: Did you pick all the sweet grapes that grew in your vineyard? They’re sweet, but they degrade faster than you think. Now, to give them long-lasting value, get the must out of it and put a lot of knowledge, Read More
Important: Elastic Stack security update (installed with SIEM) Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elasticsearch package is now available for NetEye 4. Security Fix for NetEye 4.43 8.18.6_neteye3.81.9-1 CVE-2025-54988 (Apache Read More
Important: Elastic Stack security update (installed with SIEM) Type/Severity NetEye Product Security has rated this update as having a Critical security impact. Topic An update for the kibana package is now available for NetEye 4. Security Fix for NetEye 4.41 8.18.3_neteye3.79.1-1 CVSSv3.1: 9.9 Read More
Blog auf DEUTSCH. Una versione ITALIANA seguirà fra poco! [Disclaimer: this blog is deliberatively written in German, an Italian version will follow. WürthPhoenix is Gold partner for GLPI for Italy and for the German Market (Germany, Austria, Switzerland, South Tyrol), Read More