CVE-2018-18245

Опубликовано: 12 дек. 2018

Источник: redhat

CVSS3: 4.7

EPSS Низкий

Описание

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Mobile Application Platform 4	nagios	Out of support scope
Red Hat Storage 3	nagios	Affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=1661478nagios: Stored XSS via Plugin Output

EPSS

Процентиль: 90%

0.0531

Низкий

4.7 Medium

CVSS3

Связанные уязвимости

CVE-2018-18245

CVSS3: 5.4

ubuntu

около 7 лет назад

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.

CVE-2018-18245

CVSS3: 5.4

nvd

около 7 лет назад

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.

CVE-2018-18245

CVSS3: 5.4

debian

около 7 лет назад

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin resu ...

GHSA-mmcj-m9g2-2r59

CVSS3: 5.4

github

больше 3 лет назад

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.

openSUSE-SU-2020:0500-1

suse-cvrf

почти 6 лет назад

Security update for nagios

EPSS

Процентиль: 90%

0.0531

Низкий

4.7 Medium

CVSS3