PT-2020-14701 · Nagios · Nagios Xi

Published

2020-09-09

Updated

2021-07-21

CVE-2020-15903

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.7.3

Description A privilege escalation issue was found in backend scripts that ran as root, where some included files were editable by the nagios user.

Recommendations For versions prior to 5.7.3, update to version 5.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the editable files to prevent exploitation until the update can be applied.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-15903

Affected Products

Nagios Xi

PT-2020-14701 · Nagios · Nagios Xi

CVE-2020-15903

Related Identifiers

Affected Products

References · 3