CVE-2021-32739

Name: CVE-2021-32739
Creator: NVD / NIST
Published: 2021-07-15T15:15:08.567+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 8.8/10EPSS 1.14%

Last modified Jun 17, 2026

CVE-2021-32739 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From version 2.4.0 through version 2.12.4, a vulnerability exists that may allow privilege escalation for authenticated API users. EPSS estimates a 1.14% chance of exploitation in the next 30 days.

Description

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From version 2.4.0 through version 2.12.4, a vulnerability exists that may allow privilege escalation for authenticated API users. With a read-ony user's credentials, an attacker can view most attributes of all config objects including `ticket_salt` of `ApiListener`. This salt is enough to compute a ticket for every possible common name (CN). A ticket, the master node's certificate, and a self-signed certificate are enough to successfully request the desired certificate from Icinga. That certificate may in turn be used to steal an endpoint or API user's identity. Versions 2.12.5 and 2.11.10 both contain a fix the vulnerability. As a workaround, one may either specify queryable types explicitly or filter out ApiListener objects.

Metrics

CVSS 3.1

8.8/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

1.14%

62.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Icinga	Icinga	>= 2.4.0, < 2.11.10
Icinga	Icinga	>= 2.12.0, < 2.12.5
Debian	Debian Linux	9.0

References

https://github.com/Icinga/icinga2/security/advisories/GHSA-98wp-jc6q-x5q5Exploit, Third Party Advisory
https://icinga.com/blog/2021/07/02/releasing-icinga-2-12-5-2-11-10/Broken Link, Vendor Advisory
https://lists.debian.org/debian-lts-announce/2021/11/msg00010.htmlMailing List, Third Party Advisory
https://github.com/Icinga/icinga2/security/advisories/GHSA-98wp-jc6q-x5q5Exploit, Third Party Advisory
https://icinga.com/blog/2021/07/02/releasing-icinga-2-12-5-2-11-10/Broken Link, Vendor Advisory
https://lists.debian.org/debian-lts-announce/2021/11/msg00010.htmlMailing List, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/11/msg00010.html

Timeline

Published: Jul 15, 2021
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2021-32739?

How severe is CVE-2021-32739?

CVE-2021-32739 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 1.14% probability of exploitation in the next 30 days.

How do I fix CVE-2021-32739?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-32739?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST