** DISPUTED ** NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerability. An authenticated nagiosadmin user can inject additional commands into a request. NOTE: the vendor disputes whether the CVE and its references are actionable because all technical details are omitted, and the only option is to pay for a subscription service where technical details may be disclosed at an unspecified later time.
References
Link | Resource |
---|---|
https://code610.blogspot.com/2020/03/postauth-rce-bugs-in-nagiosxi-5611.html | Exploit Third Party Advisory |
Configurations
Information
Published : 2021-02-15 10:15
Updated : 2021-07-21 04:39
NVD link : CVE-2020-22427
Mitre link : CVE-2020-22427
JSON object : View
CWE
Products Affected
nagios
- nagios_xi