Icinga is a monitoring system which checks the availability of
network resources, notifies users of outages, and generates performance
data for reporting. The TLS certificate validation in all Icinga
2 versions starting from 2.4.0 was flawed, allowing an attacker to
impersonate both trusted cluster nodes as well as any API users
that use TLS client certificates for authentication (ApiUser objects
with the client_cn attribute set). This vulnerability has been
fixed in v2.14.3, v2.13.10, v2.12.11, and v2.11.12.