Описание
NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerability. An authenticated nagiosadmin user can inject additional commands into a request. NOTE: the vendor disputes whether the CVE and its references are actionable because all technical details are omitted, and the only option is to pay for a subscription service where technical details may be disclosed at an unspecified later time
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:nagios:nagios_xi:5.6.11:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.39851
Средний
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.2
github
больше 3 лет назад
NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerability. An authenticated user can inject additional commands into a request.
EPSS
Процентиль: 97%
0.39851
Средний
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo