# CVE-2022-24716

Icinga Web 2 is a software application that monitors computer systems and networks. It has a web interface that allows users to view and manage system resources. However, there is a vulnerability in Icinga Web 2 that allows unauthenticated users to access files on the system that are accessible to the web server user. This includes configuration files for Icinga Web 2 that contain database credentials. This vulnerability has been fixed in versions 2.9.6 and 2.10 of Icinga Web 2. However, if you are using an older version, you should upgrade to a newer version and rotate your database credentials.