exploitDog

CVE-2020-5796

Опубликовано: 13 нояб. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges.

Ссылки

https://www.tenable.com/security/research/tra-2020-61
Exploit
Third Party Advisory
https://www.tenable.com/security/research/tra-2020-61
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nagios:nagios_xi:5.7.4:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00075

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-281

Связанные уязвимости

GHSA-cr82-m62c-8j4w

github

больше 3 лет назад

Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges.

EPSS

Процентиль: 23%

0.00075

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-281