CVE-2021-37343

Sažetak

A path traversal vulnerability exists in Nagios XI below version 5.8.5 AutoDiscovery component and could lead to post authenticated RCE under security context of the user running Nagios.

Reference

https://www.nagios.com/downloads/nagios-xi/change-log/
http://packetstormsecurity.com/files/165978/Nagios-XI-Autodiscovery-Shell-Upload.html

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

22-02-2022 - 14:30

Objavljeno

13-08-2021 - 12:15