CVE-2021-3193

Published: Jan 26, 2021Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user.

Affected (1)

Products: Nagios: Nagios Xi

Nagios

1 product

Nagios Xi

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Nagios Nagios Xi	Up to 5.7.0

References (2)

https://www.nagios.com/products/security/

Source: cve@mitre.org

Vendor Advisory

https://www.nagios.com/products/security/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.