14. 11. 2024 Mattia Codato Bug Fixes

NetEye 4 – Security Advisory

Synopsis

Important: Icinga2 security update

Type/Severity

Security Advisory: Critical

Topic

An update for the package icinga2 is now available for NetEye 4.

NetEye Product Security has rated this update as having a security impact of Critical. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating.

Description

An attacker can leverage the vulnerability to bypass the certificate validation for JSON-RPC and HTTP API connections.

Security Fix for NetEye 4.37:

  • icinga2-2.14.3_neteye1.53.2-1 (CVE-2024-49369)

Security Fix for NetEye 4.38:

  • icinga2-2.14.3_neteye1.54.2-1 (CVE-2024-49369)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the links listed in the References section below.

Solution

4.37 Update icinga2 package to icinga2-2.14.3_neteye1.53.2-1

4.38 Update icinga2 package to icinga2-2.14.3_neteye1.54.2-1

For details on how to apply this update, which includes the changes described in this advisory, refer to the NetEye Update Section inside the User Guide.

Affected Products

All NetEye 4.x versions prior to and including 4.38

References

Mattia Codato

Mattia Codato

Software Developer - IT System & Service Management Solutions at Würth IT Italy

Author

Mattia Codato

Software Developer - IT System & Service Management Solutions at Würth IT Italy

Latest posts by Mattia Codato

02. 03. 2026 Bug Fixes, NetEye
Bug Fixes for NetEye 4.46
17. 12. 2025 Development, DevOps, Kubernetes
A K3s Cluster Based on Raspberry Pi’s – The Hardware Adventure
05. 12. 2025 Bug Fixes, NetEye
Bug Fixes for NetEye 4.43
05. 12. 2025 Bug Fixes, NetEye
Bug Fixes for NetEye 4.44
05. 12. 2025 Bug Fixes, NetEye
Bug Fixes for NetEye 4.45
See All

Related Content

Tags: ,

04. 06. 2026 Bug Fixes, NetEye

NetEye 4 – Security Advisory (Keycloak)

Important: Keycloak security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the keycloak packages is now available for NetEye 4. Security Fix for NetEye 4.48 26.6.2_neteye1.40.0-1 Summary This vulnerability allows an attacker Read More
01. 06. 2026 GLPI, NetEye

GLPI: User Asset Confirmation in One Click

Use Case Anyone who manages GLPI knows the situation: assets get assigned to users, but there is never a formal acknowledgement that the user is aware of what was handed to them and that the data is accurate. No signature, Read More
30. 04. 2026 Bug Fixes, NetEye

NetEye 4 – Security Advisory (GLPI)

Important: GLPI security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the glpi packages is now available for NetEye 4. Security Fix for NetEye 4.47 10.0.25_neteye1.18.0-1 Summary The vulnerabilities include two Stored Read More
13. 04. 2026 Bug Fixes, NetEye

NetEye 4 – Security Advisory (Elastic Stack)

Important: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the elastic stack packages are now available for NetEye 4, with a special focus on Kibana and Logstash. Security Fix Read More
01. 04. 2026 Bug Fixes, NetEye

NetEye 4 – Security Advisory (Grafana)

Important: Grafana security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the grafana packages is now available for NetEye 4. Security Fix for NetEye 4.46 grafana-12.4.2_neteye3.29.2-1 Summary There are several patched vulnerabilities. Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive