QID 375844

Date Published: 2021-09-16

QID 375844: Nagios XI XSS Security Vulnerabilities

Nagios Core is a free and open source computer-software application that monitors systems, networks and infrastructure. Nagios offers monitoring and alerting services for servers, switches, applications and services.

Affected version:
Nagios XI prior to version 5.8.6

QID Detection Logic:(Authenticated)
It will check for vulnerable versions of Nagios Core from the version file.

Successful exploitation of this vulnerability affects confidentiality, integrity, and availability.

  • CVSS V3 rated as Medium - 5.4 severity.
  • CVSS V2 rated as Medium - 3.5 severity.
  • Solution
    The vendor has released the fix. This issue was fixed in version 5.8.6 or above. Please visit here for more information.
    Vendor References

    CVEs related to QID 375844

    Software Advisories
    Advisory ID Software Component Link
    Nagios XI 5.8.6 URL Logo www.nagios.com/downloads/nagios-xi/change-log/