PT-2008-6185 · Op5+1 · Op5 Monitor+1
Published
2008-11-10
·
Updated
2017-08-08
·
CVE-2008-5028
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Nagios version 3.0.5
op5 Monitor versions prior to 4.0.1
Description
A cross-site request forgery (CSRF) issue exists in cmd.cgi, allowing remote attackers to send commands to the Nagios process and trigger the execution of arbitrary programs via unspecified HTTP requests.
Recommendations
For Nagios version 3.0.5, update to a version later than 3.0.5 to resolve the issue.
For op5 Monitor versions prior to 4.0.1, update to version 4.0.1 or later to fix the problem.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nagios
Op5 Monitor